https://bugzilla.redhat.com/show_bug.cgi?id=1550317 Randy Barlow <rbarlow@xxxxxxxxxx> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |itamar@xxxxxxxxxxxxxxxx Flags| |needinfo?(itamar@ispbrasil. | |com.br) --- Comment #1 from Randy Barlow <rbarlow@xxxxxxxxxx> --- Version 1.7.5 is quite old, and there's a newer 3.0.0 that claims to fix a security issue: - Fixed a security bug when validating a confirmation token, also checks if the email that the token was created with matches the user's current email. https://github.com/mattupstate/flask-security/blob/develop/CHANGES I think we should probably package 3.0.0 instead of 1.7.5. -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx
