Google Git
Sign in
android-kvm / buildroot / c356b20ba8afa79b08fc3d30a1c3f60d9f3c6f65
commitc356b20ba8afa79b08fc3d30a1c3f60d9f3c6f65[log] [tgz]
authorPeter Korsgaard <peter@korsgaard.com>Wed Nov 18 16:47:42 2020 +0100
committerPeter Korsgaard <peter@korsgaard.com>Fri Nov 20 18:18:30 2020 +0100
tree5fe133b839c27afbf4ba7b129b9b4b23de1d9aab
parentff60c4c533096f8fd69c31d9f57ed1daa596d08a [diff]
package/python-flask-cors: security bump to version 3.0.9

Fixes the following security issue:

- CVE-2020-25032: An issue was discovered in Flask-CORS (aka CORS Middleware
  for Flask) before 3.0.9.  It allows ../ directory traversal to access
  private resources because resource matching does not ensure that pathnames
  are in a canonical format.

Also drop outdated md5 checksum and fix .hash indentation.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2 files changed
tree: 5fe133b839c27afbf4ba7b129b9b4b23de1d9aab
  1. arch/
  2. board/
  3. boot/
  4. configs/
  5. docs/
  6. fs/
  7. linux/
  8. package/
  9. support/
  10. system/
  11. toolchain/
  12. utils/
  13. .defconfig
  14. .flake8
  15. .gitignore
  16. .gitlab-ci.yml
  17. CHANGES
  18. Config.in
  19. Config.in.legacy
  20. COPYING
  21. DEVELOPERS
  22. Makefile
  23. Makefile.legacy
  24. README