[Git][security-tracker-team/security-tracker][master] Reserve DLA-3536-1 for flask

Sean Whitton (@spwhitton) spwhitton at debian.org
Sun Aug 20 19:36:35 BST 2023



Sean Whitton pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fb8bcb71 by Sean Whitton at 2023-08-20T19:36:20+01:00
Reserve DLA-3536-1 for flask

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -13838,7 +13838,6 @@ CVE-2023-2167
 CVE-2023-30861 (Flask is a lightweight WSGI web application framework. When all of the ...)
 	{DSA-5442-1}
 	- flask 2.2.2-3 (bug #1035670)
-	[buster] - flask <postponed> (Minor issue)
 	NOTE: https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq
 	NOTE: https://github.com/pallets/flask/commit/8646edca6f47e2cd57464081b3911218d4734f8d (2.2.5)
 	NOTE: https://github.com/pallets/flask/commit/8705dd39c4fa563ea0fe0bf84c85da8fcc98b88d (2.3.2)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[20 Aug 2023] DLA-3536-1 flask - security update
+	{CVE-2023-30861}
+	[buster] - flask 1.0.2-3+deb10u1
 [17 Aug 2023] DLA-3535-1 unrar-nonfree - security update
 	{CVE-2022-48579}
 	[buster] - unrar-nonfree 1:5.6.6-1+deb10u3


=====================================
data/dla-needed.txt
=====================================
@@ -50,11 +50,6 @@ dogecoin
 firmware-nonfree
   NOTE: 20230820: Added by Front-Desk (ta)
 --
-flask (Sean Whitton)
-  NOTE: 20230811: Added by Front-Desk (Beuc)
-  NOTE: 20230811: Check DSA-5442-1 (Beuc/front-desk)
-  NOTE: 20230811: Experimental issue-based workflow: please self-assign and follow https://salsa.debian.org/lts-team/lts-updates-tasks/-/issues/35
---
 flask-security (Sean Whitton)
   NOTE: 20230811: Added by Front-Desk (Beuc)
   NOTE: 20230811: Experimental issue-based workflow: please self-assign and follow https://salsa.debian.org/lts-team/lts-updates-tasks/-/issues/37



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb8bcb719dc83b8a50dfb19cd1a9ce71344f8d8b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb8bcb719dc83b8a50dfb19cd1a9ce71344f8d8b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230820/b3ec0e52/attachment.htm>


More information about the debian-security-tracker-commits mailing list