Summary: | <dev-python/flask-security-3.4.5: CSRF vulnerability (CVE-2021-21241) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | mgorny, python |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/Flask-Middleware/flask-security/security/advisories/GHSA-hh7m-rx4f-4vpv | ||
Whiteboard: | B4 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Sam James
2021-01-11 22:05:19 UTC
Please bump to 3.4.5. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=82176833aacf96541f5af679e03e463667a4ce73 commit 82176833aacf96541f5af679e03e463667a4ce73 Author: Michał Górny <mgorny@gentoo.org> AuthorDate: 2021-01-11 23:43:00 +0000 Commit: Michał Górny <mgorny@gentoo.org> CommitDate: 2021-01-11 23:56:25 +0000 dev-python/flask-security: Bump to 3.4.5 Bug: https://bugs.gentoo.org/765016 Signed-off-by: Michał Górny <mgorny@gentoo.org> dev-python/flask-security/Manifest | 1 + .../flask-security/flask-security-3.4.5.ebuild | 74 ++++++++++++++++++++++ 2 files changed, 75 insertions(+) amd64 x86 (ALLARCHES) done all arches done Please cleanup. Done in March: commit 5eb38e39bb838415ba4cd33ce58fbfc7ba44a1dc Author: Michał Górny <mgorny@gentoo.org> Date: Tue Mar 2 09:51:29 2021 +0100 dev-python/flask-security: Remove old Signed-off-by: Michał Górny <mgorny@gentoo.org> delete mode 100644 dev-python/flask-security/files/flask-security-3.4.3-optional-deps.patch delete mode 100644 dev-python/flask-security/flask-security-3.4.4.ebuild delete mode 100644 dev-python/flask-security/flask-security-3.4.5.ebuild All done! |