Debian Package Tracker

general

source: flask (main)
version: 1.0.2-3
maintainer: Piotr Ożarowski (DMD)
uploaders: Ondřej Nový [DMD] – Debian Python Modules Team (archive) [DMD]
arch: all
std-ver: 4.2.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.10.1-2
o-o-sec: 0.10.1-2+deb8u1
oldstable: 0.12.1-1
stable: 1.0.2-3
testing: 1.0.2-3
unstable: 1.0.2-3

versioned links

0.10.1-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.10.1-2+deb8u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.12.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.0.2-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

python-flask
python-flask-doc (1 bugs: 0, 1, 0, 0)
python3-flask

action needed

A new upstream version is available: 1.1.1 high

A new upstream version 1.1.1 is available, you should consider packaging it.

Created: 2019-08-16 Last update: 2019-08-25 16:31

1 security issue in jessie high

There is 1 open security issue in jessie.

1 important issue:

CVE-2019-1010083: The Pallets Project Flask before 1.0 is affected by: unexpected memory usage. The impact is: denial of service. The attack vector is: crafted encoded JSON data. The fixed version is: 1.

Please fix it.

Created: 2018-08-21 Last update: 2019-08-20 07:58

2 security issues in stretch high

There are 2 open security issues in stretch.

1 important issue:

CVE-2019-1010083: The Pallets Project Flask before 1.0 is affected by: unexpected memory usage. The impact is: denial of service. The attack vector is: crafted encoded JSON data. The fixed version is: 1.

1 issue skipped by the security teams:

CVE-2018-1000656: The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory usage possibly leading to denial of service. This attack appear to be exploitable via Attacker provides JSON data in incorrect encoding. This vulnerability appears to have been fixed in 0.12.3.

Please fix them.

Created: 2018-08-21 Last update: 2019-08-20 07:58

Multiarch hinter reports 1 issue(s) normal

There are issues with the multiarch metadata for this package.

python-flask-doc could be marked Multi-Arch: foreign

Created: 2016-09-14 Last update: 2019-08-23 04:07

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 1.1.1-1, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 90a1beff2c2ccd9bd935ec8e42c29d30bf076259
Author: Ondřej Nový <onovy@debian.org>
Date:   Sat Jul 20 00:29:37 2019 +0200

    Use debhelper-compat instead of debian/compat

commit de2f803b0e051cac626390160e647e91022e9885
Author: Ondřej Nový <onovy@debian.org>
Date:   Sat Jul 20 00:29:37 2019 +0200

    d/copyright: Bump my copyright year

commit 6fc077a81f49aacacc7517f1331fe1b0184f04b5
Author: Ondřej Nový <onovy@debian.org>
Date:   Tue Jul 16 01:05:32 2019 +0200

    d/rules: Fix building for new upstream release

commit 9b22b2f65d81807a99cc30beedd537a038b07736
Author: Ondřej Nový <onovy@debian.org>
Date:   Tue Jul 16 01:05:04 2019 +0200

    d/rules: Disable test_main_module_paths test, it doesn't work

commit 8afba58e9090e051d1022a6ddfcbc32ae61fddae
Author: Ondřej Nový <onovy@debian.org>
Date:   Tue Jul 16 01:04:17 2019 +0200

    Add python3-sphinx-issues to B-D and bump required version of python{,3}-werkzeug

commit 4af949f5dff18f1d497f57a24a4d9531b580ed2e
Author: Ondřej Nový <onovy@debian.org>
Date:   Tue Jul 16 01:03:03 2019 +0200

    Bump standards version to 4.4.0 (no changes)

commit 7c4e646c5c919fd78dfb2b10a892e16dcaef9c93
Author: Ondřej Nový <onovy@debian.org>
Date:   Tue Jul 16 00:39:08 2019 +0200

    Drop patches, not needed anymore or applied upstream
    
    * Drop patches, not needed anymore or applied upstream:
      - 0002-remove-DocVersion-related.patch
      - 0003-fix-issue-no-theme-named-flask-found.patch
      - 0004-empty-CONTRIBUTING-rst.patch
      - 0005-remove-carbon-ads.patch

commit 1e68014f635ad32dfe5b94c04b2a251172d539c1
Author: Ondřej Nový <onovy@debian.org>
Date:   Tue Jul 16 00:35:46 2019 +0200

    wrap-and-sort -ast

commit 2c98495ad34674780ea5c5920809ae3f3942fc18
Author: Ondřej Nový <onovy@debian.org>
Date:   Tue Jul 16 00:34:19 2019 +0200

    New upstream version

commit ae47374fb996693c46c4f9a415561c41055184c7
Merge: 6eff665 6fa7b49
Author: Ondřej Nový <onovy@debian.org>
Date:   Tue Jul 16 00:33:38 2019 +0200

    Update upstream source from tag 'upstream/1.1.1'
    
    Update to upstream version '1.1.1'
    with Debian dir 764ee267498ff41e51ac353243bc4598de2b3602

commit 6fa7b49c510d15d7d2d31e6cd1f08a131028f8df
Author: Ondřej Nový <onovy@debian.org>
Date:   Tue Jul 16 00:33:38 2019 +0200

    New upstream version 1.1.1

Created: 2019-07-16 Last update: 2019-08-22 23:24

lintian reports 1 warning normal

Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2019-08-14 Last update: 2019-08-14 03:07

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.4.0 instead of 4.2.1).

Created: 2018-12-23 Last update: 2019-07-08 20:08

news

[rss feed]

[2019-08-20] Accepted flask 0.10.1-2+deb8u1 (source all) into oldoldstable (Abhijith PA)
[2018-09-29] flask 1.0.2-3 MIGRATED to testing (Debian testing watch)
[2018-09-27] Accepted flask 1.0.2-3 (source all) into unstable (Ondřej Nový)
[2018-09-20] flask 1.0.2-2 MIGRATED to testing (Debian testing watch)
[2018-09-18] Accepted flask 1.0.2-2 (source) into unstable (Ondřej Nový)
[2018-05-30] flask 1.0.2-1 MIGRATED to testing (Debian testing watch)
[2018-05-16] Accepted flask 1.0.2-1 (source) into unstable (Ondřej Nový)
[2018-03-10] flask 0.12.2-4 MIGRATED to testing (Debian testing watch)
[2018-03-05] Accepted flask 0.12.2-4 (source all) into unstable (Ondřej Nový)
[2018-01-21] flask 0.12.2-3 MIGRATED to testing (Debian testing watch)
[2018-01-15] Accepted flask 0.12.2-3 (source) into unstable (Ondřej Nový)
[2017-07-15] flask 0.12.2-2 MIGRATED to testing (Debian testing watch)
[2017-07-09] Accepted flask 0.12.2-2 (source) into unstable (Ondřej Nový)
[2017-06-26] flask 0.12.2-1 MIGRATED to testing (Debian testing watch)
[2017-06-20] Accepted flask 0.12.2-1 (source) into unstable (Ondřej Nový)
[2017-05-15] Accepted flask 0.12.1-1~bpo8+1 (source all) into jessie-backports->backports-policy, jessie-backports (Ondřej Nový)
[2017-04-18] flask 0.12.1-1 MIGRATED to testing (Debian testing watch)
[2017-04-13] Accepted flask 0.12.1-1 (source) into unstable (Ondřej Nový)
[2017-01-05] flask 0.12-1 MIGRATED to testing (Debian testing watch)
[2016-12-25] Accepted flask 0.12-1 (source) into unstable (Ondřej Nový)
[2016-07-25] flask 0.11.1-1 MIGRATED to testing (Debian testing watch)
[2016-07-19] Accepted flask 0.11.1-1 (source all) into unstable (Piotr Ożarowski) (signed by: Piotr Ozarowski)
[2013-11-01] flask 0.10.1-2 MIGRATED to testing (Debian testing watch)
[2013-08-08] Accepted flask 0.10.1-2 (source all) (Piotr Ożarowski) (signed by: Piotr Ozarowski)
[2013-06-16] Accepted flask 0.10.1-1 (source all) (Piotr Ożarowski) (signed by: Piotr Ozarowski)
[2013-05-21] flask 0.9-2 MIGRATED to testing (Debian testing watch)
[2013-05-10] Accepted flask 0.9-2 (source all) (Piotr Ożarowski) (signed by: Piotr Ozarowski)
[2012-08-03] Accepted flask 0.9-1 (source all) (Piotr Ożarowski) (signed by: Piotr Ozarowski)
[2011-10-27] flask 0.8-1 MIGRATED to testing (Debian testing watch)
[2011-10-16] Accepted flask 0.8-1 (source all) (Piotr Ożarowski) (signed by: Piotr Ozarowski)

bugs [bug history graph]

all: 1
RC: 0
I&N: 1
M&W: 0
F&P: 0
patch: 0

links

homepage
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
security tracker
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.0.2-3