wsD5BAABCAAjFiEE26yozGlLvY8PLmS9C+du+fOjiEwFAmZWCsMFAwAAAAAACgkQC+du+fOjiEy/
XQv/WuT6uIVTXrVC0G9+nCEqHCiKXOuws4od9LPRnYjgM/dtxN+VqhOMQnqXQevESn8o67MyILXa
Ku0aSFrtHKZsiEqqCLM815gnZRSjFRJfr+SSrjmKwzkc0IfX12veAcAHhrPhK0Wr9LmLHxp+zEsX
kUZgN3GqnFDZq2R7YjwDwpGlwzq+uBqsv9S89QvTeAvTsCL2HQOu0fwpjHyl3pvx9RgK09F9e6kV
7fRJn+AyHvmZ9dRt2hMI1ipwtyDTSZ149RhFN7FpYwRWMnkiLevwYCwRTcHfS2qP6qHd4sU41snJ
UFDuDWvooRQ1mYTSdQ8oW1ENVp0d8xkRYU1/qcBGwtnFnis6VouUkvEYyWuBRX+dkkrVIbe4uqDf
uTrL4Vg7faXpTMYBmaDYq0/IfjPlkmTi6Ng++KT9gBV8LVfGv+Zyb2qAjDz34qmybMh/OMMr56v0
O4XXvJVHXu9Lz0Nr8CrxyWeutxGSzKzQdUsmKeeWPe0uIchoTQvl+NuSAvSv
=nsP/
-----END PGP SIGNATURE-----
==============================
Ubuntu Security Notice USN-6792-1
May 28, 2024
flask-security vulnerability
==============================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
Flask-Security could be made to bypass URL validation and redirect to arbitary URL.
Software Description:
- flask-security: Simple security for Flask apps (Python 3)
Details:
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 22.04 LTS
python3-flask-security 4.0.0-1ubuntu0.1
Ubuntu 20.04 LTS
python3-flask-security 1.7.5-2ubuntu0.20.04.1
Ubuntu 18.04 LTS
python3-flask-security 1.7.5-2ubuntu0.18.04.1~esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/no
CVE-2021-23385
Package Information:
https://launchpad.net/ubuntu/+
https://launchpad.net/ubuntu/+
No comments:
Post a Comment