From f2befcfc927b4dad760f6ffadba160032587eec0 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Tue, 11 Mar 2025 09:07:34 +0100
Subject: [PATCH] - bundled jinja2: fix CVE-2025-27516   Resolves: RHEL-82713

---
 fence-agents.spec | 8 ++++++--
 sources           | 2 +-
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/fence-agents.spec b/fence-agents.spec
index fe27b2b..e16818d 100644
--- a/fence-agents.spec
+++ b/fence-agents.spec
@@ -38,7 +38,7 @@
 %global websocketclient 	websocket-client
 %global websocketclient_version 1.2.1
 %global jinja2			jinja2
-%global jinja2_version		3.1.5
+%global jinja2_version		3.1.6
 %global markupsafe		MarkupSafe
 %global markupsafe_version	2.0.1
 %global stringutils		string-utils
@@ -57,7 +57,7 @@
 Name: fence-agents
 Summary: Set of unified programs capable of host isolation ("fencing")
 Version: 4.10.0
-Release: 85%{?alphatag:.%{alphatag}}%{?dist}
+Release: 86%{?alphatag:.%{alphatag}}%{?dist}
 License: GPLv2+ and LGPLv2+
 URL: https://github.com/ClusterLabs/fence-agents
 Source0: https://fedorahosted.org/releases/f/e/fence-agents/%{name}-%{version}.tar.gz
@@ -1534,6 +1534,10 @@ are located on corosync cluster nodes.
 %endif
 
 %changelog
+* Tue Mar 11 2025 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-86
+- bundled jinja2: fix CVE-2025-27516
+  Resolves: RHEL-82713
+
 * Fri Jan 31 2025 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-85
 - fence_azure_arm: use azure-identity instead of msrestazure, which has
   been deprecated
diff --git a/sources b/sources
index 1209854..824b7fc 100644
--- a/sources
+++ b/sources
@@ -80,7 +80,7 @@ SHA512 (PyYAML-5.1.tar.gz) = 8f27f92bdfa310a99dd6d83947332cc033fa18f0011998bb585
 SHA512 (rsa-4.7.2.tar.gz) = 63f561774dbaa10511167cba31e0f852e32b3250f2803edaa2729dc2b28baa2c42cb79dfbd49e38eb42ce82f665ed4c3d9dcc810c37380401e2c62202b1c7948
 SHA512 (six-1.16.0.tar.gz) = 076fe31c8f03b0b52ff44346759c7dc8317da0972403b84dfe5898179f55acdba6c78827e0f8a53ff20afe8b76432c6fe0d655a75c24259d9acbaa4d9e8015c0
 SHA512 (websocket-client-1.2.1.tar.gz) = fdbeb7ac2add27478a17b388ac62e9378094a368f29749d8b63c274ee41836506369dddd083956f42f1f2d74948392b3ddd59b801c98f9e028c126bdb54c636b
-SHA512 (jinja2-3.1.5.tar.gz) = 75ad0094482c69d45fcd3aa8ee32e249931e53fee3f804f6ddfd5b6da0ed16962d8f1fced811e7dcb4d8401fadd828e77528d6d1280547a7d4f5f77cccf9bbd4
+SHA512 (jinja2-3.1.6.tar.gz) = bddd5e142f1462426c57b2efafdfafdfc6b66de257668707940896feae71eabdf19e0b6e34ef49b965153baf9b1eb59bb5a97349bb287ea0921dd2a751e967ab
 SHA512 (MarkupSafe-2.0.1.tar.gz) = 77249bda784111ece15d59eb3de1cbb37a58fb9f22902fe6b73fea9eb0f23857ccbe53dc55463278e3b91f78dc35e2b027fd823ca50d88d8985d5a98ce2327f1
 SHA512 (python-string-utils-1.0.0.tar.gz) = 23ee48053848edd74915a985ee9edec48bbba468e228745f7d27b6a855c67f6b7ddf1cf71049458bf0b1c6c4d4f905ebacfac960597cbadbbe2daa1fe9472280
 SHA512 (requests-2.26.0.tar.gz) = c3397d77f0d2f1afb05661c4b98adad6c1ddaf360906254150b33ab0d9479fd306905bd6d61b8cf8becd9a40bdcf9b03542e8267c644ef19f03f44bfca0bc461