Jinja bugfix and security update (#1473)

hasys · web-flow · commit 46f05aa47275 · 2025-01-02T11:02:58.000+01:00
diff --git a/pyproject.toml b/pyproject.toml
@@ -25,7 +25,7 @@ dependencies = [
   'grpcio~=1.66.2',
   'ipython~=8.10.0',
   'jwcrypto~=1.5.6',
-  'jinja2~=3.1.3',
+  'jinja2~=3.1.5',
   'langchain~=0.3.10',
   'langchain-ollama~=0.2.1',
   'launchdarkly-server-sdk~=8.3.0',
diff --git a/requirements-aarch64.txt b/requirements-aarch64.txt
@@ -180,7 +180,7 @@ ipython==8.10.0
     # via -r requirements.in
 jedi==0.19.1
     # via ipython
-jinja2==3.1.4
+jinja2==3.1.5
     # via
     #   -r requirements.in
     #   ansible-core
diff --git a/requirements-x86_64.txt b/requirements-x86_64.txt
@@ -180,7 +180,7 @@ ipython==8.10.0
     # via -r requirements.in
 jedi==0.19.1
     # via ipython
-jinja2==3.1.4
+jinja2==3.1.5
     # via
     #   -r requirements.in
     #   ansible-core
diff --git a/requirements.in b/requirements.in
@@ -37,9 +37,10 @@ ipython==8.10.0
 # remove this once django-oauth-toolkit is updated to properly
 # pull a version of jwcrypto >= 1.5.6.
 jwcrypto==1.5.6
-# pin jinja2 on 3.1.4 to address GHSA-h75v-3vvj-5mfj
+# pin jinja2 on 3.1.5 to address GHSA-h75v-3vvj-5mfj, 
+# CVE-2024-56326, CVE-2024-56201
 # remove this once ansible-core or torch are updated
-jinja2==3.1.4
+jinja2==3.1.5
 # pin jsonpickle on 3.3.0 to address SNYK-PYTHON-JSONPICKLE-8136229
 # remove this once ansible-risk-insight is updated
 jsonpickle==3.3.0
