[Git][security-tracker-team/security-tracker][master] Reserve DLA-3536-1 for flask
Sean Whitton (@spwhitton)
spwhitton at debian.org
Sun Aug 20 19:36:35 BST 2023
Sean Whitton pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fb8bcb71 by Sean Whitton at 2023-08-20T19:36:20+01:00
Reserve DLA-3536-1 for flask
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -13838,7 +13838,6 @@ CVE-2023-2167
CVE-2023-30861 (Flask is a lightweight WSGI web application framework. When all of the ...)
{DSA-5442-1}
- flask 2.2.2-3 (bug #1035670)
- [buster] - flask <postponed> (Minor issue)
NOTE: https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq
NOTE: https://github.com/pallets/flask/commit/8646edca6f47e2cd57464081b3911218d4734f8d (2.2.5)
NOTE: https://github.com/pallets/flask/commit/8705dd39c4fa563ea0fe0bf84c85da8fcc98b88d (2.3.2)
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[20 Aug 2023] DLA-3536-1 flask - security update
+ {CVE-2023-30861}
+ [buster] - flask 1.0.2-3+deb10u1
[17 Aug 2023] DLA-3535-1 unrar-nonfree - security update
{CVE-2022-48579}
[buster] - unrar-nonfree 1:5.6.6-1+deb10u3
=====================================
data/dla-needed.txt
=====================================
@@ -50,11 +50,6 @@ dogecoin
firmware-nonfree
NOTE: 20230820: Added by Front-Desk (ta)
--
-flask (Sean Whitton)
- NOTE: 20230811: Added by Front-Desk (Beuc)
- NOTE: 20230811: Check DSA-5442-1 (Beuc/front-desk)
- NOTE: 20230811: Experimental issue-based workflow: please self-assign and follow https://salsa.debian.org/lts-team/lts-updates-tasks/-/issues/35
---
flask-security (Sean Whitton)
NOTE: 20230811: Added by Front-Desk (Beuc)
NOTE: 20230811: Experimental issue-based workflow: please self-assign and follow https://salsa.debian.org/lts-team/lts-updates-tasks/-/issues/37
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb8bcb719dc83b8a50dfb19cd1a9ce71344f8d8b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb8bcb719dc83b8a50dfb19cd1a9ce71344f8d8b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230820/b3ec0e52/attachment.htm>
More information about the debian-security-tracker-commits
mailing list