Broken routing with Werkzeug 2.2.x

archlinux / arch-security-tracker

Arch Linux Security Tracker

https://security.archlinux.org

MIT License

125 stars 40 forks source link

Broken routing with Werkzeug 2.2.x #211

Closed foutrelis closed 2 years ago

foutrelis commented 2 years ago

Kristian noticed last night that CVE links gave 404 errors. Downgrading python-werkzeug (2.2.2-1 -> 2.1.2-1) allowed them to work again. Flask version is 2.1.3.

Running pytest test/test_cve.py::test_show_issue locally also reproduces the issue with latest Flask 2.2.2 and Werkzeug 2.2.2.

anthraxx commented 2 years ago

fixed in e48779936313af83384b6c4602adb5c516bc9612