Debian Patches
Status for starlette/0.26.1-1+deb12u1
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| CVE-2023-29159.patch | Merge pull request from GHSA-v5gw-mw7f-84px | Amin Alaee <mohammadamin.alaee@gmail.com> | no | upstream, https://github.com/Kludex/starlette/commit/1797de464124b090f10cf570441e8292936d63e3 | 2023-05-16 | |
| CVE-2024-47874.patch | Merge commit from fork Backported by: Matheus Polkorny <mpolkorny@gmail.com> Changes: - Refresh Patch context - Update hunks' offsets - Add missing ASGI typing imports required by the upstream test - Drop TestClientFactory type annotations not present in bookworm |
Marcelo Trylesinski <marcelotryle@gmail.com> | no | upstream, https://github.com/Kludex/starlette/commit/fd038f3070c302bff17ef7d173dbb0b007617733 | 2024-10-15 | |
| CVE-2025-54121.patch | Make UploadFile check for future rollover (#2962) Backported by: Matheus Polkorny <mpolkorny@gmail.com> Changes: - Refresh Patch context - Update hunks' offsets - Add spool_max_size attribute required by the upstream tests - Drop TestClientFactory type annotations not present in bookworm |
Michael Honaker <37811263+HonakerM@users.noreply.github.com> | no | upstream, https://github.com/Kludex/starlette/commit/9f7ec2eb512fcc3fe90b43cb9dd9e1d08696bec1 | 2025-07-21 | |
| CVE-2026-48710.patch | Ignore malformed `Host` header when constructing `request.url` (#3279) Backported by: Matheus Polkorny <mpolkorny@gmail.com> Changes: - Refresh Patch context - Update hunks' offsets |
Marcelo Trylesinski <marcelotryle@gmail.com> | no | upstream, https://github.com/Kludex/starlette/commit/764dab0dcfb9033d75442d7a359645c9f94648c6 | 2026-05-21 |
All known versions for source package 'starlette'
- 1.1.0-1 (sid, forky)
- 0.46.1-3+deb13u2 (trixie-security, trixie-proposed-updates)
- 0.46.1-3+deb13u1 (trixie)
- 0.26.1-1+deb12u1 (bookworm-proposed-updates, bookworm-security)
- 0.26.1-1 (bookworm)