Steve Kowalik
2605210ed4
- Update to 5.0.1:
...
* Add missing comma to tinycss2 require. Thank you, @shadchin!
* Add url parse tests based on wpt url tests. (#688 )
* Support scheme-less urls if "https" is in allow list. (#662 )
* Handle escaping ``<`` in edge cases where it doesn't start a tag. (#544 )
* Correctly urlencode email address parts. Thank you, @larseggert! (#659 )
* ``clean`` and ``linkify`` now preserve the order of HTML attributes.
* Drop support for Python 3.6. Thank you, @hugovk! (#629 )
* CSS sanitization in style tags is completely different now.
* Python 3.9 support
* Drop support for unsupported Python versions <3.6. (#520 )
* add more tests for CVE-2021-23980 / GHSA-vv2x-vrpj-qqpq
- Refresh de-vendor.patch, and convert to patch level 1
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=43
2022-09-29 07:00:27 +00:00
19b3ff6175
Accepting request 884898 from home:AndreasStieger:branches:devel:languages:python
...
python-bleach 3.3.0 CVE-2021-23980 boo#1184547
OBS-URL: https://build.opensuse.org/request/show/884898
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=41
2021-04-13 10:30:56 +00:00
Tomáš Chvátal
efa22fed01
- Skip tests that fail with html5lib 1.1 ref the upstream ticket
...
* replace missing ``setuptools`` dependency with ``packaging``. Thank you Benjamin Peterson.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=39
2020-08-31 09:15:54 +00:00
Tomáš Chvátal
f264ca5fab
- Update to 3.1.5:
...
* * replace missing ``setuptools`` dependency with ``packaging``. Thank you Benjamin Peterson.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=37
2020-05-06 07:14:32 +00:00
5e4292f9bb
- update to 3.1.4 (bsc#1168280, CVE-2020-6817):
...
* ``bleach.clean`` behavior parsing style attributes could result in a
regular expression denial of service (ReDoS).
Calls to ``bleach.clean`` with an allowed tag with an allowed
``style`` attribute were vulnerable to ReDoS. For example,
``bleach.clean(..., attributes={'a': ['style']})``.
* Style attributes with dashes, or single or double quoted values are
cleaned instead of passed through.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=35
2020-04-01 11:21:16 +00:00
e36ce7b3c2
address review feedback from https://build.opensuse.org/request/show/790090
...
- update to 3.1.3 (bsc#1167379, CVE-2020-6816):
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=34
2020-03-31 20:28:11 +00:00
2cc23971a9
- update to 3.1.3 (bsc#1167379):
...
* Add relative link to code of conduct. (#442 )
* Drop deprecated 'setup.py test' support. (#507 )
* Fix typo: curren -> current in tests/test_clean.py (#504 )
* Test on PyPy 7
* Drop test support for end of life Python 3.4
* ``bleach.clean`` behavior parsing embedded MathML and SVG content
with RCDATA tags did not match browser behavior and could result in
a mutation XSS.
Calls to ``bleach.clean`` with ``strip=False`` and ``math`` or
``svg`` tags and one or more of the RCDATA tags ``script``,
``noscript``, ``style``, ``noframes``, ``iframe``, ``noembed``, or
``xmp`` in the allowed tags whitelist were vulnerable to a mutation
XSS.
This security issue was confirmed in Bleach version v3.1.1. Earlier
versions are likely affected too.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=32
2020-03-23 10:22:56 +00:00
Tomáš Chvátal
394b9b98a6
Accepting request 780338 from home:atopt:branches:devel:languages:python
...
- Update to V3.1.1: Security update for CVE-2020-6802
* CVE-2020-6802: Fixed mutation XSS vulnerabilities (bsc#1165303).
OBS-URL: https://build.opensuse.org/request/show/780338
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=30
2020-02-29 10:05:37 +00:00
bb709d0cb6
Run spec-cleaner
...
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=29
2020-01-08 09:36:43 +00:00
dd30fdb54f
- Switch off test_uri_value_allowed_protocols test to work around
...
gh#mozilla/bleach#503.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=28
2020-01-08 09:36:18 +00:00
Tomáš Chvátal
3741963f03
- Restrict pytest to <5.0; upstream has an issue already reported
...
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=26
2019-07-19 12:03:38 +00:00
Tomáš Chvátal
b1e5f6a0bb
Accepting request 681074 from home:jayvdb:noflake8
...
- Add de-vendor.patch to avoid new vendoring of html5lib in v3.1.0
- Remove direct dependency on webencodings, a dependency of html5lib
- Update to v3.1.0
OBS-URL: https://build.opensuse.org/request/show/681074
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=24
2019-03-03 12:34:08 +00:00
Todd R
64204dd675
Accepting request 654136 from home:jengelh:branches:devel:languages:python
...
- Trim rhetorics and bias from descriptions.
OBS-URL: https://build.opensuse.org/request/show/654136
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=22
2018-12-05 19:22:46 +00:00
3c2753cf75
Clean up the SPEC file
...
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=21
2018-12-04 17:10:21 +00:00
2846e60ac2
Remove superfluous devel dependency for noarch package
...
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=20
2018-12-04 13:16:55 +00:00
Tomáš Chvátal
c2eee5a36f
Accepting request 589012 from home:kbabioch:branches:devel:languages:python
...
- Update to version 2.1.3:
* Attributes that have URI values weren't properly sanitized if the
values contained character entities. Using character entities, it
was possible to construct a URI value with a scheme that was not
allowed that would slide through unsanitized.
(CVE-2018-7753 bnc#1085969)
OBS-URL: https://build.opensuse.org/request/show/589012
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=18
2018-03-20 09:37:42 +00:00
Tomáš Chvátal
b910cc8b93
osc copypac from project:devel:languages:python package:python-bleach revision:11
...
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=17
2017-12-13 14:46:54 +00:00
Tomáš Chvátal
44acfc3ed6
osc copypac from project:devel:languages:python package:python-bleach revision:13
...
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=16
2017-12-13 14:45:06 +00:00
Tomáš Chvátal
6233b41349
Add python-six to runtime deps as per setup.py
...
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=15
2017-12-13 14:36:08 +00:00
Tomáš Chvátal
50e6385bd7
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=14
2017-12-13 14:28:13 +00:00
Tomáš Chvátal
9862f6181f
- Add patch pytest-requirement.patch to build with new pytest-runner
...
- Version update to 2.1.2:
* Support new html5lib
- Convert to singlespec and enable tests/etc.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=13
2017-12-13 14:27:19 +00:00
Tomáš Chvátal
3689b3a762
osc copypac from project:openSUSE:infrastructure:elections.opensuse.org package:python-bleach revision:3
...
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=12
2017-12-13 14:12:06 +00:00
Tomáš Chvátal
c44a6c6eba
Accepting request 555279 from home:apersaud:branches:devel:languages:python
...
update to latest version
OBS-URL: https://build.opensuse.org/request/show/555279
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=10
2017-12-09 12:39:53 +00:00
1d0a64577f
Accepting request 540765 from home:apersaud:branches:devel:languages:python
...
update to latest version
OBS-URL: https://build.opensuse.org/request/show/540765
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=8
2017-11-13 09:18:37 +00:00
Dominique Leuenberger
817fc6f94e
Accepting request 493464 from devel:languages:python
...
Needed by python-jupyter_nbconvert, which is already in openSUSE:Factory.
OBS-URL: https://build.opensuse.org/request/show/493464
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-bleach?expand=0&rev=1
2017-05-09 16:03:57 +00:00
Todd R
117afdf080
Accepting request 487617 from home:TheBlackCat:branches:devel:languages:python
...
Fix source URL
OBS-URL: https://build.opensuse.org/request/show/487617
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=6
2017-04-12 15:28:57 +00:00
Todd R
dbd38b3c33
Accepting request 486218 from home:TheBlackCat:branches:devel:languages:python
...
* Update to Version 2.0.0
* Implement single-spec version
OBS-URL: https://build.opensuse.org/request/show/486218
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=5
2017-04-06 17:57:05 +00:00
Todd R
ffd286e797
Accepting request 328828 from home:TheBlackCat:branches:devel:languages:python
...
Fix build on SLE 11
OBS-URL: https://build.opensuse.org/request/show/328828
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=4
2015-09-03 15:15:38 +00:00
Denisart Benjamin
6d40d0f003
Accepting request 321278 from home:frispete:python
...
- eabled checks again: don't know, why they failed in the first place
OBS-URL: https://build.opensuse.org/request/show/321278
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=3
2015-08-08 15:05:21 +00:00
Todd R
2ff2922b15
Accepting request 319611 from home:frispete:python
...
Guess, I'm not the only one, that could make use of it..
OBS-URL: https://build.opensuse.org/request/show/319611
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=2
2015-08-03 12:12:19 +00:00
Sascha Peilicke
bc41ab51a8
Accepting request 235461 from home:frispete:python
...
that's a useful library
OBS-URL: https://build.opensuse.org/request/show/235461
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=1
2014-06-02 09:05:03 +00:00