=== chris14_ is now known as chris14
[06:21]  * luna__ is listening to todays podcast also downloaded 20.04.6 yesterday
[06:23] <luna__> also there is a Firefox 111.0.1 a couple of bugfixes for MacOS and Windows however and not really security fixes
[06:23] <luna__> now
[15:33] <UnivrslSuprBox> I'm preparing a diff for flask-cors 3.0.8-2 in focal to resolve a security issue that does not affect any newer releases. The currently published package (built in eoan) cannot rebuild in the current archive, though (Flask 1.1 broke its tests). There is a fix upstream for this problem, but it means a larger diff for what is ostensibly a security upload. Any advice?
[15:49] <sbeattie> UnivrslSuprBox: can you point to the upstream fix? If it's mostly correcting tests, that would be acceptable.
[15:50] <UnivrslSuprBox> sbeattie: https://github.com/corydolphin/flask-cors/commit/67c4b2cc98ae87cf1fa7df4f97fd81b40c79b895#diff-bdae7c455ffc638174b65dec1562673f2718c81e30f194642ad66550ec4b8fa0
[15:50] -ubottu:#ubuntu-security- Commit 67c4b2c in corydolphin/flask-cors "Fix request path normalization (#272)"
[15:54] <sbeattie> UnivrslSuprBox: that looks acceptable to me. We occasionally do have to add additional non-security patches as part of security updates for similar reasons.
[15:54] <UnivrslSuprBox> Okay, thank you
[15:55] <sbeattie> Feel free to subscribe me directly to the associated bug report.