diff --git a/Flask-Security-Too-5.3.2.tar.gz b/Flask-Security-Too-5.3.2.tar.gz deleted file mode 100644 index fec93aa..0000000 --- a/Flask-Security-Too-5.3.2.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:c0b5075df0d64a9ef35b04c88d31fbf405a59243736f6d6d0a1a4b4845abf3e5 -size 615361 diff --git a/Flask-Security-Too-5.3.3.tar.gz b/Flask-Security-Too-5.3.3.tar.gz new file mode 100644 index 0000000..e8d1701 --- /dev/null +++ b/Flask-Security-Too-5.3.3.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:c1ed93aae536f2a3ff8abe1e13aec9d0d95fb7ff082fcc3b372df2a5213970d9 +size 616595 diff --git a/no-mongodb.patch b/no-mongodb.patch index a939079..49b2bdb 100644 --- a/no-mongodb.patch +++ b/no-mongodb.patch @@ -1,8 +1,10 @@ -Index: Flask-Security-Too-5.1.1/tests/conftest.py -=================================================================== ---- Flask-Security-Too-5.1.1.orig/tests/conftest.py -+++ Flask-Security-Too-5.1.1/tests/conftest.py -@@ -879,7 +879,7 @@ def client_nc(request, sqlalchemy_app): +--- + tests/conftest.py | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/tests/conftest.py ++++ b/tests/conftest.py +@@ -891,7 +891,7 @@ def client_nc(request, sqlalchemy_app): return app.test_client(use_cookies=False) @@ -11,7 +13,7 @@ Index: Flask-Security-Too-5.1.1/tests/conftest.py def clients(request, app, tmpdir, realdburl, realmongodburl): if request.param == "cl-sqlalchemy": ds = sqlalchemy_setup(request, app, tmpdir, realdburl) -@@ -925,7 +925,7 @@ def get_message_local(app): +@@ -937,7 +937,7 @@ def get_message_local(app): @pytest.fixture( diff --git a/python-Flask-Security-Too.changes b/python-Flask-Security-Too.changes index 0a898e9..b41ce6f 100644 --- a/python-Flask-Security-Too.changes +++ b/python-Flask-Security-Too.changes @@ -1,3 +1,12 @@ +------------------------------------------------------------------- +Sat Jan 6 20:55:19 UTC 2024 - Matej Cepl + +- Update to 5.3.3: + Fix for CVE-2023-49438 (bsc#1218412). +- Refresh patches: + - no-mongodb.patch + - use-pyqrcodeng.patch + ------------------------------------------------------------------- Thu Nov 30 13:24:31 UTC 2023 - Antonio Larrosa diff --git a/python-Flask-Security-Too.spec b/python-Flask-Security-Too.spec index 1ec9797..21b2c17 100644 --- a/python-Flask-Security-Too.spec +++ b/python-Flask-Security-Too.spec @@ -18,7 +18,7 @@ %{?sle15_python_module_pythons} Name: python-Flask-Security-Too -Version: 5.3.2 +Version: 5.3.3 Release: 0 Summary: Security for Flask apps License: MIT diff --git a/use-pyqrcodeng.patch b/use-pyqrcodeng.patch index 24644e3..6f65750 100644 --- a/use-pyqrcodeng.patch +++ b/use-pyqrcodeng.patch @@ -1,8 +1,11 @@ -Index: Flask-Security-Too-5.1.1/flask_security/core.py -=================================================================== ---- Flask-Security-Too-5.1.1.orig/flask_security/core.py -+++ Flask-Security-Too-5.1.1/flask_security/core.py -@@ -1579,7 +1579,7 @@ class Security: +--- + flask_security/core.py | 2 +- + flask_security/totp.py | 10 +++------- + 2 files changed, 4 insertions(+), 8 deletions(-) + +--- a/flask_security/core.py ++++ b/flask_security/core.py +@@ -1607,7 +1607,7 @@ class Security: and "authenticator" in cv("TWO_FACTOR_ENABLED_METHODS", app=app) ) if need_qrcode: @@ -11,10 +14,8 @@ Index: Flask-Security-Too-5.1.1/flask_security/core.py need_sms = ( cv("UNIFIED_SIGNIN", app=app) -Index: Flask-Security-Too-5.1.1/flask_security/totp.py -=================================================================== ---- Flask-Security-Too-5.1.1.orig/flask_security/totp.py -+++ Flask-Security-Too-5.1.1/flask_security/totp.py +--- a/flask_security/totp.py ++++ b/flask_security/totp.py @@ -140,15 +140,11 @@ class Totp: .. versionadded:: 4.0.0 """