Debian Patches
Status for python-flask-cors/3.0.10-2+deb12u1
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| debian-hacks/Privacy-Remove-linking-to-external-resources.patch | Privacy: Remove linking to external resources We don't need these links to external graphics. |
Stewart Ferguson <stew@ferg.aero> | not-needed | 2018-12-08 | ||
| debian-hacks/README-Link-to-internal-HTML-resource.patch | README: Link to internal HTML resource No need to link to any external resource, the goal and intended bheavior is to provide all HTML documentation locally. |
Stewart Ferguson <stew@ferg.aero> | not-needed | 2018-12-08 | ||
| upstream/Spelling-Fix-misspelled-word-conjuction.patch | Spelling: Fix misspelled word conjuction | Stewart Ferguson <stew@ferg.aero> | no | 2018-12-08 | ||
| upstream/Spelling-Fix-misspelled-word-maching.patch | Spelling: Fix misspelled word maching | Carsten Schoenert <c.schoenert@t-online.de> | no | 2022-10-31 | ||
| debian-hacks/docs-Use-local-inventory-for-Python3.patch | docs: Use local inventory for Python3 Patch requires package python3-doc to be installed. |
Carsten Schoenert <c.schoenert@t-online.de> | not-needed | 2022-10-31 | ||
| CVE-2024-1681.patch | Update extension.py to clean request.path before logging it (#351) * Update extension.py to use string format specifier for cleaning request.path |
=?utf-8?q?Anes_Hujevi=C4=87?= <anes1996_h@hotmail.com> | yes | debian upstream | https://github.com/corydolphin/flask-cors/commit/6172c2000dba965fedb8e9a8a916ad56f0fb2630 | 2024-05-04 |
| CVE-2024-6866.patch | [PATCH] [CVE-2024-6866] Case Sensitive Request Path Matching (#390) * [CVE-2024-6866] Case Sensitive Request Path Matching * Update flask_cors/core.py |
Adriano Sela Aviles <adriano.selaviles@gmail.com> | yes | debian upstream | https://github.com/corydolphin/flask-cors/commit/eb39516a3c96b90d0ae5f51293972395ec3ef358 | 2025-05-14 |
| CVE-2024-6839-1.patch | [PATCH] [CVE-2024-6839] Sort Paths by Regex Specificity (#391) | Adriano Sela Aviles <adriano.selaviles@gmail.com> | yes | debian upstream | https://github.com/corydolphin/flask-cors/commit/e970988bea563e05e8b8f53fa7bcc134b5bf5c5f | 2025-05-14 |
| CVE-2024-6839-2.patch | [PATCH] Sort paths longest to shortest. Previously, path sort length was inverted, with short paths before long ones, this led to a path like `/*` being handled *before* a path like `/foo/bar/baz`, which is exactly what we didn't want. This was tested, but the test was misnamed and so wasn't picked up by pytest. |
joshuamorton <joshuamorton@google.com> | yes | debian upstream | https://github.com/corydolphin/flask-cors/pull/392 | 2025-05-21 |
| CVE-2024-6844.patch | [PATCH] [CVE-2024-6844] Replace use of (urllib) unquote_plus with unquote for paths (#389) | Adriano Sela Aviles <adriano.selaviles@gmail.com> | yes | debian upstream | https://github.com/corydolphin/flask-cors/commit/35d875319621bd129a38b2b823abf4a2f6cda536 | 2025-05-17 |
All known versions for source package 'python-flask-cors'
- 6.0.1-1 (forky, trixie, sid)
- 3.0.10-2+deb12u1 (bookworm)