From 1df178ccc019c5aa7282246288c04f867d716790 Mon Sep 17 00:00:00 2001 From: Cory Dolphin Date: Sat, 4 May 2024 12:47:59 -0700 Subject: [PATCH] Release 0.4.1 (#353) --- CHANGELOG.md | 4 ++++ flask_cors/version.py | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 10da2de..ea02ea7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ # Change Log +## 4.0.1 +### Security +* Address [CVE-2024-1681](https://github.com/advisories/GHSA-84pr-m4jr-85g5) which is a log injection vulnerability when the log level is set to debug by @aneshujevic in https://github.com/corydolphin/flask-cors/pull/351 + ## 4.0.0 * Remove support for Python versions older than 3.8 by @WAKayser in https://github.com/corydolphin/flask-cors/pull/330 * Add GHA tooling by @corydolphin in https://github.com/corydolphin/flask-cors/pull/331 diff --git a/flask_cors/version.py b/flask_cors/version.py index d6497a8..1a3bef5 100644 --- a/flask_cors/version.py +++ b/flask_cors/version.py @@ -1 +1 @@ -__version__ = '4.0.0' +__version__ = '4.0.1'