- update to 4.6.3:

* A vulnerability (CVE-2021-28957) was discovered in the HTML Cleaner by Kevin Chung,
    which allowed JavaScript to pass through.  The cleaner now removes the HTML5
    ``formaction`` attribute.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-lxml?expand=0&rev=145
This commit is contained in:
2021-04-06 01:54:45 +00:00
committed by Git OBS Bridge
parent 56e1d3c0d2
commit 1af83b813f
4 changed files with 12 additions and 4 deletions
+8
View File
@@ -1,3 +1,11 @@
-------------------------------------------------------------------
Tue Apr 6 01:51:29 UTC 2021 - Dirk Müller <dmueller@suse.com>
- update to 4.6.3:
* A vulnerability (CVE-2021-28957) was discovered in the HTML Cleaner by Kevin Chung,
which allowed JavaScript to pass through. The cleaner now removes the HTML5
``formaction`` attribute.
------------------------------------------------------------------- -------------------------------------------------------------------
Sun Jan 24 10:21:16 UTC 2021 - Dirk Müller <dmueller@suse.com> Sun Jan 24 10:21:16 UTC 2021 - Dirk Müller <dmueller@suse.com>
+1 -1
View File
@@ -18,7 +18,7 @@
%{?!python_module:%define python_module() python-%{**} python3-%{**}} %{?!python_module:%define python_module() python-%{**} python3-%{**}}
Name: python-lxml Name: python-lxml
Version: 4.6.2 Version: 4.6.3
Release: 0 Release: 0
Summary: Pythonic XML processing library Summary: Pythonic XML processing library
License: BSD-3-Clause AND GPL-2.0-or-later License: BSD-3-Clause AND GPL-2.0-or-later
BIN
View File
Binary file not shown.
BIN
View File
Binary file not shown.