Overview
Request 866353 accepted
- update to 4.6.2:
* A vulnerability (CVE-2020-27783) was discovered in the HTML Cleaner by Yaniv Nizry,
which allowed JavaScript to pass through. The cleaner now removes more sneaky
"style" content.
* A vulnerability was discovered in the HTML Cleaner by Yaniv Nizry, which allowed
JavaScript to pass through. The cleaner now removes more sneaky "style" content.
* GH#310: ``lxml.html.InputGetter`` supports ``__len__()`` to count the number of input fields.
Patch by Aidan Woolley.
* ``lxml.html.InputGetter`` has a new ``.items()`` method to ease processing all input fields.
* ``lxml.html.InputGetter.keys()`` now returns the field names in document order.
* GH-309: The API documentation is now generated using ``sphinx-apidoc``.
* LP#1869455: C14N 2.0 serialisation failed for unprefixed attributes
when a default namespace was defined.
* ``TreeBuilder.close()`` raised ``AssertionError`` in some error cases where it
should have raised ``XMLSyntaxError``. It now raises a combined exception to
keep up backwards compatibility, while switching to ``XMLSyntaxError`` as an
interface.
- Created by dirkmueller
- In state accepted
Request History
dirkmueller created request
- update to 4.6.2:
* A vulnerability (CVE-2020-27783) was discovered in the HTML Cleaner by Yaniv Nizry,
which allowed JavaScript to pass through. The cleaner now removes more sneaky
"style" content.
* A vulnerability was discovered in the HTML Cleaner by Yaniv Nizry, which allowed
JavaScript to pass through. The cleaner now removes more sneaky "style" content.
* GH#310: ``lxml.html.InputGetter`` supports ``__len__()`` to count the number of input fields.
Patch by Aidan Woolley.
* ``lxml.html.InputGetter`` has a new ``.items()`` method to ease processing all input fields.
* ``lxml.html.InputGetter.keys()`` now returns the field names in document order.
* GH-309: The API documentation is now generated using ``sphinx-apidoc``.
* LP#1869455: C14N 2.0 serialisation failed for unprefixed attributes
when a default namespace was defined.
* ``TreeBuilder.close()`` raised ``AssertionError`` in some error cases where it
should have raised ``XMLSyntaxError``. It now raises a combined exception to
keep up backwards compatibility, while switching to ``XMLSyntaxError`` as an
interface.
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
jengelh accepted review
dimstar_suse set openSUSE:Factory:Staging:B as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:B"
dimstar_suse accepted review
Picked "openSUSE:Factory:Staging:B"
dimstar_suse added factory-staging as a reviewer
Being evaluated by group "factory-staging"
dimstar_suse accepted review
Unstaged from project "openSUSE:Factory:Staging:B"
dimstar_suse set openSUSE:Factory:Staging:J as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:J"
dimstar_suse accepted review
Picked "openSUSE:Factory:Staging:J"
dimstar_suse accepted review
Staging Project openSUSE:Factory:Staging:J got accepted.
dimstar_suse approved review
Staging Project openSUSE:Factory:Staging:J got accepted.
dimstar_suse accepted request
Staging Project openSUSE:Factory:Staging:J got accepted.