flask-security (1.7.5-2ubuntu0.20.04.1) focal-security; urgency=medium

  * SECURITY UPDATE: Possible open redirect vulnerability
    - debian/patches/CVE-2021-23385.patch: Updated
      flask_security/core.py, flask_security/utils.py and tests/test_misc.py
      to prevent possible URL validation bypass and user redirection to an
      arbitrary URL by providing multiple back slashes such as
      \\\evil.com/path.
    - CVE-2021-23385

 -- Chrisa Oikonomou <chrisa.oikonomou@canonical.com>  Tue, 21 May 2024 17:10:54 +0300

flask-security (1.7.5-2) unstable; urgency=medium

  * Team upload.
  * Put debian/* under MIT.
  * Disable mongodb build dependencies, needed for tests not yet executed.

 -- Christoph Berg <christoph.berg@credativ.de>  Wed, 24 Jan 2018 11:38:20 +0100

flask-security (1.7.5-1) unstable; urgency=low

  * Team upload.

  [ Adrian Vondendriesch ]
  * Initial package version.

  [ Christoph Berg ]
  * Package intentionally not updated to version 3.0.0 yet as the new
    flask-babelex dependency is still under discussion.
    https://github.com/mattupstate/flask-security/issues/715
  * Remove .DS_Store files.

 -- Christoph Berg <christoph.berg@credativ.de>  Tue, 02 Jan 2018 14:06:47 +0100
