python3-flask-cors: Fix CVE-2024-6221

A vulnerability in corydolphin/flask-cors version 4.0.1 allows the
`Access-Control-Allow-Private-Network` CORS header to be set to true
by default, without any configuration option. This behavior can expose
private network resources to unauthorized external access, leading to
significant security risks such as data breaches, unauthorized access
to sensitive information, and potential network intrusions.

References:
https://nvd.nist.gov/vuln/detail/CVE-2024-6221

Upsteam-Patch:
7ae310c56a

Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>

meta-python/recipes-devtools/python/python3-flask-cors_4.0.0.bb

@@ -9,6 +9,10 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=118fecaa576ab51c1520f95e98db61ce"
 
 PYPI_PACKAGE = "Flask-Cors"
 
+SRC_URI += " \
+        file://CVE-2024-6221.patch \
+"
+
 SRC_URI[sha256sum] = "f268522fcb2f73e2ecdde1ef45e2fd5c71cc48fe03cffb4b441c6d1b40684eb0"
 
 inherit pypi setuptools3