From 34c29f33db898658e5b6682cc4aca53f2639242b6fb5ec222c87a374d307a1ae Mon Sep 17 00:00:00 2001
From: Dirk Mueller <dmueller@suse.com>
Date: Tue, 6 Apr 2021 01:54:45 +0000
Subject: [PATCH] - update to 4.6.3:   * A vulnerability (CVE-2021-28957) was
 discovered in the HTML Cleaner by Kevin Chung,     which allowed JavaScript
 to pass through.  The cleaner now removes the HTML5     ``formaction``
 attribute.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-lxml?expand=0&rev=145
---
 lxml-4.6.2.tar.gz   | 3 ---
 lxml-4.6.3.tar.gz   | 3 +++
 python-lxml.changes | 8 ++++++++
 python-lxml.spec    | 2 +-
 4 files changed, 12 insertions(+), 4 deletions(-)
 delete mode 100644 lxml-4.6.2.tar.gz
 create mode 100644 lxml-4.6.3.tar.gz

diff --git a/lxml-4.6.2.tar.gz b/lxml-4.6.2.tar.gz
deleted file mode 100644
index 763be91..0000000
--- a/lxml-4.6.2.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:cd11c7e8d21af997ee8079037fff88f16fda188a9776eb4b81c7e4c9c0a7d7fc
-size 3177310
diff --git a/lxml-4.6.3.tar.gz b/lxml-4.6.3.tar.gz
new file mode 100644
index 0000000..606deae
--- /dev/null
+++ b/lxml-4.6.3.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:39b78571b3b30645ac77b95f7c69d1bffc4cf8c3b157c435a34da72e78c82468
+size 3191113
diff --git a/python-lxml.changes b/python-lxml.changes
index 515338d..3d6db5c 100644
--- a/python-lxml.changes
+++ b/python-lxml.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Tue Apr  6 01:51:29 UTC 2021 - Dirk Müller <dmueller@suse.com>
+
+- update to 4.6.3:
+  * A vulnerability (CVE-2021-28957) was discovered in the HTML Cleaner by Kevin Chung,
+    which allowed JavaScript to pass through.  The cleaner now removes the HTML5
+    ``formaction`` attribute.
+
 -------------------------------------------------------------------
 Sun Jan 24 10:21:16 UTC 2021 - Dirk Müller <dmueller@suse.com>
 
diff --git a/python-lxml.spec b/python-lxml.spec
index 79eb0dd..e96a48f 100644
--- a/python-lxml.spec
+++ b/python-lxml.spec
@@ -18,7 +18,7 @@
 
 %{?!python_module:%define python_module() python-%{**} python3-%{**}}
 Name:           python-lxml
-Version:        4.6.2
+Version:        4.6.3
 Release:        0
 Summary:        Pythonic XML processing library
 License:        BSD-3-Clause AND GPL-2.0-or-later