[PATCH] doc/sphinx: Bump Jinja2 to 3.1.4

Heinrich Schuchardt heinrich.schuchardt at canonical.com
Fri May 10 11:32:10 CEST 2024


On 5/6/24 23:22, Tom Rini wrote:
> While we unlikely to have an issue with CVE-2024-22195, it is simple
> enough to bump our version of Jinja2 to receive the fix, do so.
> 
> Reported-by: GitHub dependabot
> Signed-off-by: Tom Rini <trini at konsulko.com>

Tested-by: Heinrich Schuchardt <xypron.glpk at gmx.de>

Hello tom,

My review queue is rather empty. Do you want to pick up this patch directly?

Best regards

Heinrich

> ---
>   doc/sphinx/requirements.txt | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/doc/sphinx/requirements.txt b/doc/sphinx/requirements.txt
> index 5b4df36804b5..426f41e1a028 100644
> --- a/doc/sphinx/requirements.txt
> +++ b/doc/sphinx/requirements.txt
> @@ -5,7 +5,7 @@ charset-normalizer==3.3.2
>   docutils==0.20.1
>   idna==3.7
>   imagesize==1.4.1
> -Jinja2==3.1.3
> +Jinja2==3.1.4
>   MarkupSafe==2.1.3
>   packaging==23.2
>   Pygments==2.17.2



More information about the U-Boot mailing list