- update to 4.6.3:
* A vulnerability (CVE-2021-28957) was discovered in the HTML Cleaner by Kevin Chung,
which allowed JavaScript to pass through. The cleaner now removes the HTML5
``formaction`` attribute.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-lxml?expand=0&rev=145
This commit is contained in:
@@ -1,3 +1,11 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Apr 6 01:51:29 UTC 2021 - Dirk Müller <dmueller@suse.com>
|
||||||
|
|
||||||
|
- update to 4.6.3:
|
||||||
|
* A vulnerability (CVE-2021-28957) was discovered in the HTML Cleaner by Kevin Chung,
|
||||||
|
which allowed JavaScript to pass through. The cleaner now removes the HTML5
|
||||||
|
``formaction`` attribute.
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Sun Jan 24 10:21:16 UTC 2021 - Dirk Müller <dmueller@suse.com>
|
Sun Jan 24 10:21:16 UTC 2021 - Dirk Müller <dmueller@suse.com>
|
||||||
|
|
||||||
|
|||||||
+1
-1
@@ -18,7 +18,7 @@
|
|||||||
|
|
||||||
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
|
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
|
||||||
Name: python-lxml
|
Name: python-lxml
|
||||||
Version: 4.6.2
|
Version: 4.6.3
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: Pythonic XML processing library
|
Summary: Pythonic XML processing library
|
||||||
License: BSD-3-Clause AND GPL-2.0-or-later
|
License: BSD-3-Clause AND GPL-2.0-or-later
|
||||||
|
|||||||
BIN
Binary file not shown.
BIN
Binary file not shown.
Reference in New Issue
Block a user