Hi Christopher, On Mon, Jul 6, 2026 at 10:54 AM Christopher Obbard <[email protected]> wrote: > I have prepared a fix to flask to fix CVE-2026-27205 in bullseye (I've > also submitted PU requests for bookworm & trixie). > > The branch can be found here: > https://salsa.debian.org/python-team/packages/flask/-/tree/debian/bullseye?ref_type=heads
Thank you for preparing an update. Unfortunately, the bookworm -pu window has been closed as of last week, and it will soon be under the LTS realms. Whilst I'm happy to assist you with the next steps, I was curious to understand your motivations to prep an update for this CVE. It appears to be a low-severity one, which is hard to trigger. Is there a reason why you're looking to get it fixed in bullseye (and now Bookworm) via DLA? - u
