Dirk Mueller
5e4292f9bb
* ``bleach.clean`` behavior parsing style attributes could result in a regular expression denial of service (ReDoS). Calls to ``bleach.clean`` with an allowed tag with an allowed ``style`` attribute were vulnerable to ReDoS. For example, ``bleach.clean(..., attributes={'a': ['style']})``. * Style attributes with dashes, or single or double quoted values are cleaned instead of passed through. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=35 |
||
---|---|---|
.gitattributes | ||
.gitignore | ||
bleach-3.1.4.tar.gz | ||
de-vendor.patch | ||
python-bleach.changes | ||
python-bleach.spec |