pool/python-bleach
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 589012 from home:kbabioch:branches:devel:languages:python

Browse Source 
- Update to version 2.1.3:
  * Attributes that have URI values weren't properly sanitized if the
    values contained character entities. Using character entities, it
    was possible to construct a URI value with a scheme that was not
    allowed that would slide through unsanitized.
    (CVE-2018-7753 bnc#1085969)

OBS-URL: https://build.opensuse.org/request/show/589012
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=18
This commit is contained in:
Tomáš Chvátal 2018-03-20 09:37:42 +00:00 committed by Git OBS Bridge
parent b910cc8b93
commit c2eee5a36f
4 changed files with 15 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
bleach-2.1.2.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:38fc8cbebea4e787d8db55d6f324820c7f74362b70db9142c1ac7920452d1a19
size 58954

3
bleach-2.1.3.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:eb7386f632349d10d9ce9d4a838b134d4731571851149f9cc2c05a9a837a9a44
size 60141

10
python-bleach.changes
View File

@ -1,3 +1,13 @@
-------------------------------------------------------------------
Tue Mar 20 08:38:36 UTC 2018 - kbabioch@suse.com
- Update to version 2.1.3:
* Attributes that have URI values weren't properly sanitized if the
values contained character entities. Using character entities, it
was possible to construct a URI value with a scheme that was not
allowed that would slide through unsanitized.
(CVE-2018-7753 bnc#1085969)
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Dec 7 16:50:14 UTC 2017 - arun@gmx.de Thu Dec 7 16:50:14 UTC 2017 - arun@gmx.de

4
python-bleach.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package python-bleach # spec file for package python-bleach
# #
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2015 LISA GmbH, Bingen, Germany. # Copyright (c) 2015 LISA GmbH, Bingen, Germany.
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
@ -19,7 +19,7 @@
%{?!python_module:%define python_module() python-%{**} python3-%{**}} %{?!python_module:%define python_module() python-%{**} python3-%{**}}
Name: python-bleach Name: python-bleach
Version: 2.1.2 Version: 2.1.3
Release: 0 Release: 0
Summary: An easy whitelist-based HTML-sanitizing tool Summary: An easy whitelist-based HTML-sanitizing tool
License: Apache-2.0 License: Apache-2.0