python-bleach
No description set
- Developed at devel:languages:python
- Sources inherited from project openSUSE:Factory
-
5
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout openSUSE:Factory:Rebuild/python-bleach && cd $_ - Create Badge
Refresh
Refresh
Source Files
| Filename | Size | Changed |
|---|---|---|
| bleach-3.1.3.tar.gz | 0000176601 172 KB | |
| de-vendor.patch | 0000001775 1.73 KB | |
| python-bleach.changes | 0000010811 10.6 KB | |
| python-bleach.spec | 0000002587 2.53 KB |
Revision 9 (latest revision is 20)
Dominique Leuenberger (dimstar_suse)
accepted
request 787398
from
Dirk Mueller (dirkmueller)
(revision 9)
- update to 3.1.3 (bsc#1167379):
* Add relative link to code of conduct. (#442)
* Drop deprecated 'setup.py test' support. (#507)
* Fix typo: curren -> current in tests/test_clean.py (#504)
* Test on PyPy 7
* Drop test support for end of life Python 3.4
* ``bleach.clean`` behavior parsing embedded MathML and SVG content
with RCDATA tags did not match browser behavior and could result in
a mutation XSS.
Calls to ``bleach.clean`` with ``strip=False`` and ``math`` or
``svg`` tags and one or more of the RCDATA tags ``script``,
``noscript``, ``style``, ``noframes``, ``iframe``, ``noembed``, or
``xmp`` in the allowed tags whitelist were vulnerable to a mutation
XSS.
This security issue was confirmed in Bleach version v3.1.1. Earlier
versions are likely affected too.
Comments 0