flask (2.0.1-2ubuntu1.1) jammy-security; urgency=medium * SECURITY UPDATE: Expose sensitive information - debian/patches/CVE-2023-30861.patch: set 'Vary: Cookie' header consistently for session in src/flask/sessions.py, tests/test_basic.py. - CVE-2023-30861 -- Leonidas Da Silva Barbosa <email address hidden> Wed, 17 May 2023 10:22:20 -0300