From 6c305f74765e8faf36947391f15d9d9d67ba3d71 Mon Sep 17 00:00:00 2001
From: Nikita Shulga <2453524+malfet@users.noreply.github.com>
Date: Mon, 27 Apr 2026 16:21:18 -0700
Subject: [PATCH 1/2] Update jinja2 version to 3.1.5

See https://nvd.nist.gov/vuln/detail/CVE-2024-56326
---
 .ci/docker/requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.ci/docker/requirements.txt b/.ci/docker/requirements.txt
index 2a848774b4..39fc0a061e 100644
--- a/.ci/docker/requirements.txt
+++ b/.ci/docker/requirements.txt
@@ -37,7 +37,7 @@ spacy==3.7.1  # Keep this version consistent with the model version in .jenkins/
 ray[serve,train,tune]==2.55.0
 tiktoken
 tensorboard
-jinja2==3.1.3
+jinja2==3.1.5
 pytorch-lightning
 torchx
 torchrl==0.10.1

From 6dd2eb640c9a84d43e6d4c96db96e86171feb49e Mon Sep 17 00:00:00 2001
From: Nikita Shulga <2453524+malfet@users.noreply.github.com>
Date: Mon, 27 Apr 2026 16:22:58 -0700
Subject: [PATCH 2/2] Apply suggestion from @malfet

---
 .ci/docker/requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.ci/docker/requirements.txt b/.ci/docker/requirements.txt
index 39fc0a061e..c468978153 100644
--- a/.ci/docker/requirements.txt
+++ b/.ci/docker/requirements.txt
@@ -37,7 +37,7 @@ spacy==3.7.1  # Keep this version consistent with the model version in .jenkins/
 ray[serve,train,tune]==2.55.0
 tiktoken
 tensorboard
-jinja2==3.1.5
+jinja2==3.1.6
 pytorch-lightning
 torchx
 torchrl==0.10.1