[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-1010083, flask: Link to fixing commit

Markus Koschany apo at debian.org
Fri Aug 16 21:28:30 BST 2019 


Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a10f6cdc by Markus Koschany at 2019-08-16T20:28:12Z
CVE-2019-1010083, flask: Link to fixing commit

- - - - -
b064605e by Markus Koschany at 2019-08-16T20:28:12Z
Add flask to dla-needed.txt

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -15811,7 +15811,8 @@ CVE-2019-1010084 (Dancer::Plugin::SimpleCRUD 1.14 and earlier is affected by: In
 	NOT-FOR-US: Dancer::Plugin::SimpleCRUD
 CVE-2019-1010083 (The Pallets Project Flask before 1.0 is affected by: unexpected memory ...)
 	- flask 1.0.2-1
-	TODO: check fixing commit(s)
+	NOTE: https://www.palletsprojects.com/blog/flask-1-0-released/
+	NOTE: https://github.com/pallets/flask/pull/2691/commits/ab4142215d836b0298fc47fa1e4b75408b9c37a0
 CVE-2019-1010082
 	RESERVED
 CVE-2019-1010081


=====================================
data/dla-needed.txt
=====================================
@@ -24,6 +24,8 @@ faad2 (Hugo Lefeuvre)
   NOTE: merged at some point. see https://github.com/knik0/faad2/pull/36
   NOTE: working on more patches (hle)
 --
+flask
+--
 freeimage
   NOTE: Maintainer will take care of the update.
   NOTE: https://lists.debian.org/debian-lts/2019/05/msg00079.html



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/684a4f678d48d5ba1374f828f34e43b82e9d4864...b064605eed99dd3b529b7ccdea3eb4a83ace973e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/684a4f678d48d5ba1374f828f34e43b82e9d4864...b064605eed99dd3b529b7ccdea3eb4a83ace973e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190816/e34f67bb/attachment.html>

More information about the debian-security-tracker-commits mailing list