-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 11 May 2023 12:39:19 +0200 Source: flask Architecture: source Version: 2.2.2-3 Distribution: unstable Urgency: high Maintainer: Debian Python Team <team+python@tracker.debian.org> Changed-By: Thomas Goirand <zigo@debian.org> Closes: 1035670 Changes: flask (2.2.2-3) unstable; urgency=high . * CVE-2023-30861: Flask vulnerable to possible disclosure of permanent session cookie due to missing Vary: Cookie header. Applied upstream patch: set Vary: Cookie header consistently for session (Closes: #1035670). Checksums-Sha1: f6ea3261f449f168552d1ab0efc56c794a866389 2497 flask_2.2.2-3.dsc e96fb745aad15c475173f092b2e4dd57c2ecab2b 8372 flask_2.2.2-3.debian.tar.xz fde59a1b079c3466fc297d72cac08cadf225cd48 8511 flask_2.2.2-3_amd64.buildinfo Checksums-Sha256: c53168c98b85bd6b74b8ac6b810bad6bcdfc8be0ae8c6be98367a115ee7e9550 2497 flask_2.2.2-3.dsc e20c2c4d90eb02780fa2712a4fd7b2c192bd856c403c8f104ebdffa5078bac21 8372 flask_2.2.2-3.debian.tar.xz 3d07c8f839a50f67f841583c0010edb598b767a436a31d839bbe5f2637787e3f 8511 flask_2.2.2-3_amd64.buildinfo Files: 17139565f967b5b6698e2304f9def61b 2497 python optional flask_2.2.2-3.dsc 87128aed635fac063ace7b32cff22bb1 8372 python optional flask_2.2.2-3.debian.tar.xz 43bd28a9e49000a0f48fd4697689caa6 8511 python optional flask_2.2.2-3_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEoLGp81CJVhMOekJc1BatFaxrQ/4FAmRcxuwACgkQ1BatFaxr Q/67IRAAnan//Er2vvtkV02o/I3W/oD9TmcBW2sB+QGOX0nQt/5tX94sHcr1XROP 1C7kkqqKLkBQfTny/mP+04FYwdRBflkKvKaDM4AEHSxeQNWsvhcH2yRHipjObEr1 YY1/lRprb3SezrQS+L9V0gFqEzWZXqhUTPLWapKRnkU+V2a3U0a/s87jyqNrQABX o1rJAizjFk2MKilbVx9lB7I4HuPXYu1q5l258VI7DRzOTe6w/4cbd6DX3FoMeJx7 AmKZ6rere3dTo9FeGmrVos+bZ/Xa+6+0LY07yoaT6BcGGK4N/SzPrQnJaXuxwHb3 2CBx8zdVkka7EaRs6Jfb/OXDCO1SO3JgLJYqYIX+LWovvBadtEKuoc+++LhYXEDM aS06A0L/QH5jCgwnSpocJJDWpGQQNudzoYCVa1GYS2yQp68KNtB7xQOm3sIrTo4K p3rz/hubJGfhUp426w0bzwmSucc8HmoKQqFoHzRxLd7zfGqLcc3xSQSslxzZnb41 ohgzPAS136FeErHlFtyAL3gQby3OVaXjHl/bD5McdAK9aYopLlxtgcP9yvKkAr1o wSrtcd4AdbCo1fEBk4hqjok74+50MM0UZHhZsK5yXPRELmjVphZCc9yZMT2zdLes L0yIGhmTL4/4jaF//U7GMXvGVVLlBax54MuMq8//Fin1tfGmzaQ= =nrAr -----END PGP SIGNATURE-----