Ubuntu CVE Tracker

Merge ~yomonokio/ubuntu-cve-tracker:flask-security into ubuntu-cve-tracker:master

Proposed by Chrisa Oikonomou on 2024-05-28

Status:	Merged
Merged at revision:	13d88919b7533d4b04078fd8c488e34c1b8df029
Proposed branch:	~yomonokio/ubuntu-cve-tracker:flask-security
Merge into:	ubuntu-cve-tracker:master
Diff against target:	37 lines (+7/-5) 1 file modified active/CVE-2021-23385 (+7/-5)
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
Eduardo Barretto		2024-05-28	Approve on 2024-05-29
Review via email: mp+466513@code.launchpad.net

Commit message

flask-security USN update

Description of the change

flask-security USN update

Revision history for this message

Eduardo Barretto (ebarretto) wrote on 2024-05-29:

lgtm, thanks!

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Aravind

Chrisa Oikonomou

Philip Roche

Robert C Jennings

Simon Quigley

Steve Beattie

Ubuntu Security Team

1	diff --git a/active/CVE-2021-23385 b/active/CVE-2021-23385
2	index d2e61c3..60dd752 100644
3	--- a/active/CVE-2021-23385
4	+++ b/active/CVE-2021-23385
5	@@ -1,3 +1,4 @@
6	+PublicDateAtUSN: 2022-08-02 14:15:00 UTC
7	Candidate: CVE-2021-23385
8	PublicDate: 2022-08-02 14:15:00 UTC
9	References:
10	@@ -5,6 +6,7 @@ References:
11	https://github.com/mattupstate/flask-security
12	https://snyk.io/blog/url-confusion-vulnerabilities/
13	https://www.cve.org/CVERecord?id=CVE-2021-23385
14	+ https://ubuntu.com/security/notices/USN-6792-1
15	Description:
16	This affects all versions of package Flask-Security. When using the
17	get_post_logout_redirect and get_post_login_redirect functions, it is
18	@@ -32,14 +34,14 @@ trusty_flask-security: ignored (end of standard support)
19	trusty/esm_flask-security: DNE
20	xenial_flask-security: DNE
21	bionic_flask-security: ignored (end of standard support, was needs-triage)
22	-esm-apps/bionic_flask-security: needed
23	-focal_flask-security: needed
24	-esm-apps/focal_flask-security: needed
25	+esm-apps/bionic_flask-security: released (1.7.5-2ubuntu0.18.04.1~esm1)
26	+focal_flask-security: released (1.7.5-2ubuntu0.20.04.1)
27	+esm-apps/focal_flask-security: not-affected (1.7.5-2ubuntu0.20.04.1)
28	groovy_flask-security: ignored (end of life)
29	hirsute_flask-security: ignored (end of life)
30	impish_flask-security: ignored (end of life)
31	-jammy_flask-security: needed
32	-esm-apps/jammy_flask-security: needed
33	+jammy_flask-security: released (4.0.0-1ubuntu0.1)
34	+esm-apps/jammy_flask-security: not-affected (4.0.0-1ubuntu0.1)
35	kinetic_flask-security: ignored (end of life, was needs-triage)
36	lunar_flask-security: ignored (end of life, was needs-triage)
37	mantic_flask-security: not-affected (4.0.0-1+deb11u1)