new file mode 100644
@@ -0,0 +1,149 @@
+From 71b69dfb7df3d912e66bab87fbb1f21f83504967 Mon Sep 17 00:00:00 2001
+From: David Lord <davidism@gmail.com>
+Date: Thu, 2 May 2024 11:55:52 -0700
+Subject: [PATCH] restrict debugger trusted hosts
+
+Add a list of `trusted_hosts` to the `DebuggedApplication` middleware. It defaults to only allowing `localhost`, `.localhost` subdomains, and `127.0.0.1`. `run_simple(use_debugger=True)` adds its `hostname` argument to the trusted list as well. The middleware can be used directly to further modify the trusted list in less common development scenarios.
+
+The debugger UI uses the full `document.location` instead of only `document.location.pathname`.
+
+Either of these fixes on their own mitigates the reported vulnerability.
+
+CVE: CVE-2024-34069
+
+Upstream-Status: Backport [https://github.com/pallets/werkzeug/commit/71b69dfb7df3d912e66bab87fbb1f21f83504967]
+
+Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
+---
+ docs/debug.rst | 35 +++++++++++++++++++++++----
+ src/werkzeug/debug/__init__.py | 10 ++++++++
+ src/werkzeug/debug/shared/debugger.js | 4 +--
+ src/werkzeug/serving.py | 3 +++
+ 4 files changed, 45 insertions(+), 7 deletions(-)
+
+diff --git a/docs/debug.rst b/docs/debug.rst
+index 25a9f0b..d842135 100644
+--- a/docs/debug.rst
++++ b/docs/debug.rst
+@@ -16,7 +16,8 @@ interactive debug console to execute code in any frame.
+ The debugger allows the execution of arbitrary code which makes it a
+ major security risk. **The debugger must never be used on production
+ machines. We cannot stress this enough. Do not enable the debugger
+- in production.**
++ in production.** Production means anything that is not development,
++ and anything that is publicly accessible.
+
+ .. note::
+
+@@ -72,10 +73,9 @@ argument to get a detailed list of all the attributes it has.
+ Debugger PIN
+ ------------
+
+-Starting with Werkzeug 0.11 the debug console is protected by a PIN.
+-This is a security helper to make it less likely for the debugger to be
+-exploited if you forget to disable it when deploying to production. The
+-PIN based authentication is enabled by default.
++The debug console is protected by a PIN. This is a security helper to make it
++less likely for the debugger to be exploited if you forget to disable it when
++deploying to production. The PIN based authentication is enabled by default.
+
+ The first time a console is opened, a dialog will prompt for a PIN that
+ is printed to the command line. The PIN is generated in a stable way
+@@ -92,6 +92,31 @@ intended to make it harder for an attacker to exploit the debugger.
+ Never enable the debugger in production.**
+
+
++Allowed Hosts
++-------------
++
++The debug console will only be served if the request comes from a trusted host.
++If a request comes from a browser page that is not served on a trusted URL, a
++400 error will be returned.
++
++By default, ``localhost``, any ``.localhost`` subdomain, and ``127.0.0.1`` are
++trusted. ``run_simple`` will trust its ``hostname`` argument as well. To change
++this further, use the debug middleware directly rather than through
++``use_debugger=True``.
++
++.. code-block:: python
++
++ if os.environ.get("USE_DEBUGGER") in {"1", "true"}:
++ app = DebuggedApplication(app, evalex=True)
++ app.trusted_hosts = [...]
++
++ run_simple("localhost", 8080, app)
++
++**This feature is not meant to entirely secure the debugger. It is
++intended to make it harder for an attacker to exploit the debugger.
++Never enable the debugger in production.**
++
++
+ Pasting Errors
+ --------------
+
+diff --git a/src/werkzeug/debug/__init__.py b/src/werkzeug/debug/__init__.py
+index 49001e0..87e68c4 100644
+--- a/src/werkzeug/debug/__init__.py
++++ b/src/werkzeug/debug/__init__.py
+@@ -290,6 +290,14 @@ class DebuggedApplication:
+ self._pin, self._pin_cookie = pin_cookie # type: ignore
+ return self._pin
+
++ self.trusted_hosts: list[str] = [".localhost", "127.0.0.1"]
++ """List of domains to allow requests to the debugger from. A leading dot
++ allows all subdomains. This only allows ``".localhost"`` domains by
++ default.
++
++ .. versionadded:: 3.0.3
++ """
++
+ @pin.setter
+ def pin(self, value: str) -> None:
+ self._pin = value
+@@ -475,6 +483,8 @@ class DebuggedApplication:
+ # form data! Otherwise the application won't have access to that data
+ # any more!
+ request = Request(environ)
++ request.trusted_hosts = self.trusted_hosts
++ assert request.host # will raise 400 error if not trusted
+ response = self.debug_application
+ if request.args.get("__debugger__") == "yes":
+ cmd = request.args.get("cmd")
+diff --git a/src/werkzeug/debug/shared/debugger.js b/src/werkzeug/debug/shared/debugger.js
+index 2354f03..bee079f 100644
+--- a/src/werkzeug/debug/shared/debugger.js
++++ b/src/werkzeug/debug/shared/debugger.js
+@@ -48,7 +48,7 @@ function initPinBox() {
+ btn.disabled = true;
+
+ fetch(
+- `${document.location.pathname}?__debugger__=yes&cmd=pinauth&pin=${pin}&s=${encodedSecret}`
++ `${document.location}?__debugger__=yes&cmd=pinauth&pin=${pin}&s=${encodedSecret}`
+ )
+ .then((res) => res.json())
+ .then(({auth, exhausted}) => {
+@@ -79,7 +79,7 @@ function promptForPin() {
+ if (!EVALEX_TRUSTED) {
+ const encodedSecret = encodeURIComponent(SECRET);
+ fetch(
+- `${document.location.pathname}?__debugger__=yes&cmd=printpin&s=${encodedSecret}`
++ `${document.location}?__debugger__=yes&cmd=printpin&s=${encodedSecret}`
+ );
+ const pinPrompt = document.getElementsByClassName("pin-prompt")[0];
+ fadeIn(pinPrompt);
+diff --git a/src/werkzeug/serving.py b/src/werkzeug/serving.py
+index a19d4bd..84b0664 100644
+--- a/src/werkzeug/serving.py
++++ b/src/werkzeug/serving.py
+@@ -1038,6 +1038,9 @@ def run_simple(
+ from .debug import DebuggedApplication
+
+ application = DebuggedApplication(application, evalex=use_evalex)
++ # Allow the specified hostname to use the debugger, in addition to
++ # localhost domains.
++ application.trusted_hosts.append(hostname)
+
+ if not is_running_from_reloader():
+ s = prepare_socket(hostname, port)
+--
+2.40.0
new file mode 100644
@@ -0,0 +1,120 @@
+From 890b6b62634fa61224222aee31081c61b054ff01 Mon Sep 17 00:00:00 2001
+From: David Lord <davidism@gmail.com>
+Date: Fri, 3 May 2024 14:49:43 -0700
+Subject: [PATCH] only require trusted host for evalex
+
+CVE: CVE-2024-34069
+
+Upstream-Status: Backport [https://github.com/pallets/werkzeug/commit/890b6b62634fa61224222aee31081c61b054ff01]
+
+Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
+---
+ src/werkzeug/debug/__init__.py | 25 ++++++++++++++++++++-----
+ src/werkzeug/sansio/utils.py | 2 +-
+ 2 files changed, 21 insertions(+), 6 deletions(-)
+
+diff --git a/src/werkzeug/debug/__init__.py b/src/werkzeug/debug/__init__.py
+index 87e68c4..0302b24 100644
+--- a/src/werkzeug/debug/__init__.py
++++ b/src/werkzeug/debug/__init__.py
+@@ -16,7 +16,9 @@ from zlib import adler32
+
+ from .._internal import _log
+ from ..exceptions import NotFound
++from ..exceptions import SecurityError
+ from ..http import parse_cookie
++from ..sansio.utils import host_is_trusted
+ from ..security import gen_salt
+ from ..utils import send_file
+ from ..wrappers.request import Request
+@@ -331,7 +333,7 @@ class DebuggedApplication:
+
+ is_trusted = bool(self.check_pin_trust(environ))
+ html = tb.render_debugger_html(
+- evalex=self.evalex,
++ evalex=self.evalex and self.check_host_trust(environ),
+ secret=self.secret,
+ evalex_trusted=is_trusted,
+ )
+@@ -359,10 +361,16 @@ class DebuggedApplication:
+ frame: t.Union[DebugFrameSummary, _ConsoleFrame],
+ ) -> Response:
+ """Execute a command in a console."""
++ if not self.check_host_trust(request.environ):
++ return SecurityError() # type: ignore[return-value]
++
+ return Response(frame.eval(command), mimetype="text/html")
+
+ def display_console(self, request: Request) -> Response:
+ """Display a standalone shell."""
++ if not self.check_host_trust(request.environ):
++ return SecurityError() # type: ignore[return-value]
++
+ if 0 not in self.frames:
+ if self.console_init_func is None:
+ ns = {}
+@@ -411,12 +419,18 @@ class DebuggedApplication:
+ return None
+ return (time.time() - PIN_TIME) < int(ts)
+
++ def check_host_trust(self, environ: WSGIEnvironment) -> bool:
++ return host_is_trusted(environ.get("HTTP_HOST"), self.trusted_hosts)
++
+ def _fail_pin_auth(self) -> None:
+ time.sleep(5.0 if self._failed_pin_auth > 5 else 0.5)
+ self._failed_pin_auth += 1
+
+ def pin_auth(self, request: Request) -> Response:
+ """Authenticates with the pin."""
++ if not self.check_host_trust(request.environ):
++ return SecurityError() # type: ignore[return-value]
++
+ exhausted = False
+ auth = False
+ trust = self.check_pin_trust(request.environ)
+@@ -466,8 +480,11 @@ class DebuggedApplication:
+ rv.delete_cookie(self.pin_cookie_name)
+ return rv
+
+- def log_pin_request(self) -> Response:
++ def log_pin_request(self, request: Request) -> Response:
+ """Log the pin if needed."""
++ if not self.check_host_trust(request.environ):
++ return SecurityError() # type: ignore[return-value]
++
+ if self.pin_logging and self.pin is not None:
+ _log(
+ "info", " * To enable the debugger you need to enter the security pin:"
+@@ -483,8 +500,6 @@ class DebuggedApplication:
+ # form data! Otherwise the application won't have access to that data
+ # any more!
+ request = Request(environ)
+- request.trusted_hosts = self.trusted_hosts
+- assert request.host # will raise 400 error if not trusted
+ response = self.debug_application
+ if request.args.get("__debugger__") == "yes":
+ cmd = request.args.get("cmd")
+@@ -496,7 +511,7 @@ class DebuggedApplication:
+ elif cmd == "pinauth" and secret == self.secret:
+ response = self.pin_auth(request) # type: ignore
+ elif cmd == "printpin" and secret == self.secret:
+- response = self.log_pin_request() # type: ignore
++ response = self.log_pin_request(request) # type: ignore
+ elif (
+ self.evalex
+ and cmd is not None
+diff --git a/src/werkzeug/sansio/utils.py b/src/werkzeug/sansio/utils.py
+index 1b4d892..7e7b4d2 100644
+--- a/src/werkzeug/sansio/utils.py
++++ b/src/werkzeug/sansio/utils.py
+@@ -6,7 +6,7 @@ from ..urls import uri_to_iri
+ from ..urls import url_quote
+
+
+-def host_is_trusted(hostname: str, trusted_list: t.Iterable[str]) -> bool:
++def host_is_trusted(hostname: str | None, trusted_list: t.Iterable[str]) -> bool:
+ """Check if a host matches a list of trusted names.
+
+ :param hostname: The name to check.
+--
+2.40.0
@@ -13,7 +13,9 @@ LIC_FILES_CHKSUM = "file://LICENSE.rst;md5=5dc88300786f1c214c1e9827a5229462"
PYPI_PACKAGE = "Werkzeug"
SRC_URI += "file://CVE-2023-25577.patch \
- file://CVE-2023-23934.patch"
+ file://CVE-2023-23934.patch \
+ file://CVE-2024-34069-0001.patch \
+ file://CVE-2024-34069-0002.patch"
SRC_URI[sha256sum] = "f8e89a20aeabbe8a893c24a461d3ee5dad2123b05cc6abd73ceed01d39c3ae74"