AAP-41692 [4.6] Update jinja2 for CVE (#6881)

* Initial bump of jinja2 lib * Run updater script
2026-01-10 15:32:07 -03:30 · 2025-03-11 10:45:37 -04:00 · 2025-03-11 10:45:37 -04:00 · b5bc85e639
commit b5bc85e639
parent f04bf5ccf0
2 changed files with 7 additions and 2 deletions
--- a/requirements/requirements.in
+++ b/requirements/requirements.in
@ -32,7 +32,7 @@ filelock
 GitPython>=3.1.37  # CVE-2023-41040
 grpcio>=1.68.0  # CVE-2024-11407
 irc
-jinja2>=3.1.5  # CVE-2024-56201
+jinja2>=3.1.6  # CVE-2025-27516
 JSON-log-formatter
 jsonschema
 Markdown  # used for formatting API help
--- a/requirements/requirements.txt
+++ b/requirements/requirements.txt
@ -30,6 +30,7 @@ asgiref==3.7.2
    #   channels-redis
    #   daphne
    #   django
+    #   django-ansible-base
    #   django-cors-headers
 asn1==2.7.0
    # via -r /awx_devel/requirements/requirements.in
@ -262,7 +263,7 @@ jaraco-text==3.12.0
    # via
    #   irc
    #   jaraco-collections
-jinja2==3.1.5
+jinja2==3.1.6
    # via -r /awx_devel/requirements/requirements.in
 jmespath==1.0.1
    # via
@ -416,6 +417,7 @@ pygerduty==0.38.3
 pyjwt[crypto]==2.8.0
    # via
    #   adal
+    #   django-ansible-base
    #   msal
    #   social-auth-core
    #   twilio
@ -478,6 +480,7 @@ requests==2.32.3
    #   -r /awx_devel/requirements/requirements.in
    #   adal
    #   azure-core
+    #   django-ansible-base
    #   django-oauth-toolkit
    #   kubernetes
    #   msal
@ -537,6 +540,7 @@ sqlparse==0.5.0
    # via
    #   -r /awx_devel/requirements/requirements.in
    #   django
+    #   django-ansible-base
 tacacs-plus==1.0
    # via -r /awx_devel/requirements/requirements.in
 tempora==5.5.1
@ -576,6 +580,7 @@ urllib3==1.26.20
    # via
    #   -r /awx_devel/requirements/requirements.in
    #   botocore
+    #   django-ansible-base
    #   kubernetes
    #   requests
 uwsgi==2.0.28