[Python-modules-team] Bug#980189: flask-security: CVE-2021-21241

Salvatore Bonaccorso carnil at debian.org
Fri Jan 15 20:09:30 GMT 2021


On Fri, Jan 15, 2021 at 08:59:31PM +0100, Salvatore Bonaccorso wrote:
[...]
> Admitelly the CVE description currently on MITRE is quite confusing
> reffering to Flask-Security-Too package. But the other references
> pointed out and reviewing the changes seem to apply to the original
> project as well (I might miss something here).

I can answer this part myself "Flask-Security-Too" is the "upstream".

flask-security (3.4.2-1) unstable; urgency=medium
[...]
  * Switch upstream to Flask-Security-Too.
[...]

Regards,
Salvatore



More information about the Python-modules-team mailing list