werkzeug: security update to 3.1.8

stydxm · MingcongBai · commit 22b49d6f0396 · 2026-05-06T16:22:48.000+08:00
Signed-off-by: stydxm &lt;stydxm@outlook.com&gt;
diff --git a/lang-python/werkzeug/autobuild/defines b/lang-python/werkzeug/autobuild/defines
@@ -1,6 +1,6 @@
 PKGNAME=werkzeug
 PKGSEC=python
-PKGDEP="python-3"
+PKGDEP="python-3 markupsafe"
 BUILDDEP="flit-core"
 PKGDES="Swiss Army knife of Python web development"
 
diff --git a/lang-python/werkzeug/spec b/lang-python/werkzeug/spec
@@ -1,5 +1,4 @@
-VER=3.0.6
+VER=3.1.8
 SRCS="pypi::version=$VER::werkzeug"
-CHKSUMS="sha256::a8dd59d4de28ca70471a34cba79bed5f7ef2e036a76b3ab0835474246eb41f8d"
+CHKSUMS="sha256::9bad61a4268dac112f1c5cd4630a56ede601b6ed420300677a869083d70a4c44"
 CHKUPDATE="anitya::id=4092"
-REL="3"
diff --git a/topics/werkzeug-3.1.8.toml b/topics/werkzeug-3.1.8.toml
@@ -0,0 +1,11 @@
+security = true
+
+[name]
+default = "Werkzeug 3.1.8"
+
+[caution]
+default = "Fixes 3 improper handling of device names vulnerabilities (CVE-2025-66221, CVE-2026-21860, and CVE-2026-27199, Severity: Medium)"
+zh_CN = "修复 3 个设备名处理不当漏洞（CVE-2025-66221、CVE-2026-21860 和 CVE-2026-27199，严重性：中）"
+
+[packages-v2]
+"werkzeug" = "< 3.1.8"
