commit | c356b20ba8afa79b08fc3d30a1c3f60d9f3c6f65 | [log] [tgz] |
---|---|---|
author | Peter Korsgaard <peter@korsgaard.com> | Wed Nov 18 16:47:42 2020 +0100 |
committer | Peter Korsgaard <peter@korsgaard.com> | Fri Nov 20 18:18:30 2020 +0100 |
tree | 5fe133b839c27afbf4ba7b129b9b4b23de1d9aab | |
parent | ff60c4c533096f8fd69c31d9f57ed1daa596d08a [diff] |
package/python-flask-cors: security bump to version 3.0.9 Fixes the following security issue: - CVE-2020-25032: An issue was discovered in Flask-CORS (aka CORS Middleware for Flask) before 3.0.9. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format. Also drop outdated md5 checksum and fix .hash indentation. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>