python-bleach
No description set
- Developed at devel:languages:python
- Sources inherited from project openSUSE:Factory
-
5
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout openSUSE:Slowroll:Base:1/python-bleach && cd $_
- Create Badge
Refresh
Refresh
Source Files
Filename | Size | Changed |
---|---|---|
bleach-3.1.3.tar.gz | 0000176601 172 KB | |
de-vendor.patch | 0000001775 1.73 KB | |
python-bleach.changes | 0000010811 10.6 KB | |
python-bleach.spec | 0000002587 2.53 KB |
Revision 9 (latest revision is 20)
Dominique Leuenberger (dimstar_suse)
accepted
request 787398
from
Dirk Mueller (dirkmueller)
(revision 9)
- update to 3.1.3 (bsc#1167379): * Add relative link to code of conduct. (#442) * Drop deprecated 'setup.py test' support. (#507) * Fix typo: curren -> current in tests/test_clean.py (#504) * Test on PyPy 7 * Drop test support for end of life Python 3.4 * ``bleach.clean`` behavior parsing embedded MathML and SVG content with RCDATA tags did not match browser behavior and could result in a mutation XSS. Calls to ``bleach.clean`` with ``strip=False`` and ``math`` or ``svg`` tags and one or more of the RCDATA tags ``script``, ``noscript``, ``style``, ``noframes``, ``iframe``, ``noembed``, or ``xmp`` in the allowed tags whitelist were vulnerable to a mutation XSS. This security issue was confirmed in Bleach version v3.1.1. Earlier versions are likely affected too.
Comments 0