Hi Christopher,

On Mon, Jul 6, 2026 at 10:54 AM Christopher Obbard <[email protected]> wrote:
> I have prepared a fix to flask to fix CVE-2026-27205 in bullseye (I've
> also submitted PU requests for bookworm & trixie).
>
> The branch can be found here:
> https://salsa.debian.org/python-team/packages/flask/-/tree/debian/bullseye?ref_type=heads

Thank you for preparing an update. Unfortunately, the bookworm -pu
window has been closed as of last week, and it will soon be under the
LTS realms.

Whilst I'm happy to assist you with the next steps, I was curious to
understand your motivations to prep an update for this CVE. It appears
to be a low-severity one, which is hard to trigger. Is there a reason
why you're looking to get it fixed in bullseye (and now Bookworm) via
DLA?


- u

Reply via email to