On Sat, Apr 28, 2018 at 11:45:51AM +0200, Daniel Jakots wrote:
> 2 days ago flask released two new versions, 0.12.3 and 1.0.0. They
> both includes a security fix:
>
> > Flask previously decoded incoming JSON bytes using the content type
> > of the request. Although JSON should only be encoded as
On Sat, 28 Apr 2018 11:45:51 +0200, Daniel Jakots
wrote:
> We can also get rid of the patches.
New patch with the cvs rm -f
Index: Makefile
===
RCS file: /cvs/ports/www/py-flask/Makefile,v
retrieving revision 1.24
diff -u -p -r1.24
Hi,
2 days ago flask released two new versions, 0.12.3 and 1.0.0. They
both includes a security fix:
> Flask previously decoded incoming JSON bytes using the content type
> of the request. Although JSON should only be encoded as UTF-8, Flask
> was more lenient. However, Python includes non-text r