lee/changedetection.io
1
0
Fork 0
mirror of https://github.com/dgtlmoon/changedetection.io.git synced 2025-10-30 14:17:40 +00:00
Code Issues Actions 26 Packages Projects Releases Wiki Activity

Merge pull request from GHSA-4r7v-whpg-8rx3

Browse Source 
* CVE-2024-32651 - Security fix - Server Side Template Injection in Jinja2 allows Remote Command Execution

* use ImmutableSandboxedEnvironment also in validation
This commit is contained in:
dgtlmoon
2024-04-25 22:06:09 +02:00
committed by GitHub
parent 1ba29655f5
commit bd6eda696c
15 changed files with 147 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.github/workflows/test-only.yml vendored
View File

@@ -59,6 +59,7 @@ jobs:
echo "run test with unittest"
docker run test-changedetectionio bash -c 'python3 -m unittest changedetectionio.tests.unit.test_notification_diff'
docker run test-changedetectionio bash -c 'python3 -m unittest changedetectionio.tests.unit.test_watch_model'
docker run test-changedetectionio bash -c 'python3 -m unittest changedetectionio.tests.unit.test_jinja2_security'
# All tests
echo "run test with pytest"