[Python-modules-team] Bug#980189: flask-security: CVE-2021-21241
Salvatore Bonaccorso
carnil at debian.org
Fri Jan 15 20:09:30 GMT 2021
On Fri, Jan 15, 2021 at 08:59:31PM +0100, Salvatore Bonaccorso wrote:
[...]
> Admitelly the CVE description currently on MITRE is quite confusing
> reffering to Flask-Security-Too package. But the other references
> pointed out and reviewing the changes seem to apply to the original
> project as well (I might miss something here).
I can answer this part myself "Flask-Security-Too" is the "upstream".
flask-security (3.4.2-1) unstable; urgency=medium
[...]
* Switch upstream to Flask-Security-Too.
[...]
Regards,
Salvatore
More information about the Python-modules-team
mailing list