Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

jinja2 CVE fix #6992

Merged
merged 1 commit into from
Oct 1, 2024
Merged

jinja2 CVE fix #6992

merged 1 commit into from
Oct 1, 2024

Conversation

ssheorey
Copy link
Member

@ssheorey ssheorey commented Oct 1, 2024

Type

  • Bug fix (non-breaking change which fixes an issue): Fixes #
  • New feature (non-breaking change which adds functionality). Resolves #
  • Breaking change (fix or feature that would cause existing functionality to not work as expected) Resolves #

Motivation and Context

Jinja2 CVE: https://github.com/isl-org/Open3D/security/dependabot/6

Checklist:

  • I have run python util/check_style.py --apply to apply Open3D code style
    to my code.
  • This PR changes Open3D behavior or adds new functionality.
    • Both C++ (Doxygen) and Python (Sphinx / Google style) documentation is
      updated accordingly.
    • I have added or updated C++ and / or Python unit tests OR included test
      results
      (e.g. screenshots or numbers) here.
  • I will follow up and update the code if CI fails.
  • For fork PRs, I have selected Allow edits from maintainers.

Description

Update jinja2 from 3.1.3 to 3.1.4 to fix the CVE

Copy link

update-docs bot commented Oct 1, 2024

Thanks for submitting this pull request! The maintainers of this repository would appreciate if you could update the CHANGELOG.md based on your changes.

@ssheorey ssheorey requested a review from benjaminum October 1, 2024 16:57
@ssheorey
Copy link
Member Author

ssheorey commented Oct 1, 2024

No change to generated docs, as far as I can tell. Looked at tutorials, notebooks, Python API, examples.

@ssheorey ssheorey merged commit dd0d359 into main Oct 1, 2024
40 of 45 checks passed
@ssheorey ssheorey deleted the ss/jinja-cve branch October 1, 2024 20:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants