From b23759fa6498f200f7557d40264515d8cf41cb1d Mon Sep 17 00:00:00 2001
From: changtao <changtao@kylinos.cn>
Date: Sun, 15 Dec 2024 11:59:30 +0800
Subject: [PATCH] fix CVE-2024-56326

---
 Jinja2-2.11.2/tests/test_security.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Jinja2-2.11.2/tests/test_security.py b/Jinja2-2.11.2/tests/test_security.py
index 2e2af69..0d3e60c 100644
--- a/Jinja2-2.11.2/tests/test_security.py
+++ b/Jinja2-2.11.2/tests/test_security.py
@@ -179,12 +179,12 @@ class TestStringFormat(object):
 
     def test_safe_format_safety(self):
         env = SandboxedEnvironment()
-        t = env.from_string('{{ ("a{0.__class__}b{1}"|safe).format(42, "<foo>") }}')
+        t = env.from_string('{{ ("a{0}b{1}"|safe).format("", "<foo>") }}')
         assert t.render() == "ab&lt;foo&gt;"
 
     def test_safe_format_all_okay(self):
         env = SandboxedEnvironment()
-        t = env.from_string('{{ ("a{0.foo}b{1}"|safe).format({"foo": 42}, "<foo>") }}')
+        t = env.from_string('{{ ("a{0[foo]}b{1}"|safe).format({"foo": 42}, "<foo>") }}')
         assert t.render() == "a42b&lt;foo&gt;"
 
 
-- 
2.43.0