Re: SUSE-SU-2023:2263-2: important: Security update for python-Flask

Hi, I unsubscribed you from the list On Thu, Jul 20, 2023 at 07:26:21PM +0200, a.scheepens wrote:
Go away. Stop spamming me!!!Verzonden vanaf mijn Galaxy -------- Oorspronkelijk bericht --------Van: security@lists.opensuse.org Datum: 20-07-2023 17:36 (GMT+01:00) Aan: security-announce@lists.opensuse.org Onderwerp: SUSE-SU-2023:2263-2: important: Security update for python-Flask
Security update for python-Flask
Announcement ID: SUSE-SU-2023:2263-2
Rating: important
References:
#1211246
Cross-References:
CVE-2023-30861
CVSS scores:
CVE-2023-30861
(
SUSE
):
7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2023-30861
(
NVD
):
7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products:
openSUSE Leap 15.5
An update that solves one vulnerability can now be installed.
Description: This update for python-Flask fixes the following issues:
CVE-2023-30861: Fixed a potential cookie confusion due to incorrect caching (bsc#1211246).
Patch Instructions:
To install this SUSE Important update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2023-2263=1
Package List:
openSUSE Leap 15.5 (noarch)
python3-Flask-1.0.4-150400.3.3.1
python3-Flask-doc-1.0.4-150400.3.3.1
References:
-- Marcus Meissner (he/him), Distinguished Engineer / Senior Project Manager Security SUSE Software Solutions Germany GmbH, Frankenstrasse 146, 90461 Nuernberg, Germany GF: Ivo Totev, Andrew Myers, Andrew McDonald, Martje Boudien Moerman, HRB 36809, AG Nuernberg
participants (1)
-
Marcus Meissner