lxml 4.5.0-1ubuntu0.5 source package in Ubuntu
Changelog
lxml (4.5.0-1ubuntu0.5) focal-security; urgency=medium
* SECURITY UPDATE: XSS vulnerability
- debian/patches/CVE-2021-43818-*.patch: prevent "@import"
from re-occurring in the CSS after replacements and remove
SVG image data URLs since they can embed script content in
src/lxml/html/clean.py, src/html/tests/test_clean.py.
- CVE-2021-43818
-- Leonidas Da Silva Barbosa <email address hidden> Tue, 04 Jan 2022 09:33:10 -0300
Upload details
- Uploaded by:
- Leonidas S. Barbosa
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Focal | updates | main | python | |
| Focal | security | main | python |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| lxml_4.5.0.orig.tar.gz | 4.3 MiB | 8620ce80f50d023d414183bf90cc2576c2837b88e00bea3f33ad2630133bbb60 |
| lxml_4.5.0-1ubuntu0.5.debian.tar.xz | 11.4 KiB | 28025ab0fb9998b5ffac5764e1ec812e01b77479cb12393a051bad6530d11907 |
| lxml_4.5.0-1ubuntu0.5.dsc | 2.3 KiB | ea128dee0ee9793039c338b7af1d55a5c6540c2dd70fe57fb506e44573985140 |
Available diffs
- diff from 4.5.0-1ubuntu0.3 to 4.5.0-1ubuntu0.5 (2.3 KiB)
- diff from 4.5.0-1ubuntu0.4 to 4.5.0-1ubuntu0.5 (502 bytes)
Binary packages built by this source
- python-lxml: pythonic binding for the libxml2 and libxslt libraries
lxml is a new Python binding for libxml2 and libxslt, completely
independent from existing Python bindings. Its aim:
.
* Pythonic API.
* Documented.
* Use Python unicode strings in API.
* Safe (no segfaults).
* No manual memory management!
.
lxml aims to provide a Pythonic API by following as much as possible
the ElementTree API, trying to avoid inventing too many new APIs,
or the user's having to learn new things -- XML is complicated enough.
- python-lxml-dbg: pythonic binding for the libxml2 and libxslt libraries (debug extension)
lxml is a new Python binding for libxml2 and libxslt, completely
independent from existing Python bindings.
.
This package contains the extension built for the Python debug interpreter.
- python-lxml-doc: pythonic binding for the libxml2 and libxslt libraries (documentation)
lxml is a new Python binding for libxml2 and libxslt, completely
independent from these existing Python bindings.
.
This package contains the html documentation.
- python3-lxml: pythonic binding for the libxml2 and libxslt libraries
lxml is a new Python binding for libxml2 and libxslt, completely
independent from existing Python bindings. Its aim:
.
* Pythonic API.
* Documented.
* Use Python unicode strings in API.
* Safe (no segfaults).
* No manual memory management!
.
lxml aims to provide a Pythonic API by following as much as possible
the ElementTree API, trying to avoid inventing too many new APIs,
or the user's having to learn new things -- XML is complicated enough.
- python3-lxml-dbg: pythonic binding for the libxml2 and libxslt libraries (debug extension)
lxml is a new Python binding for libxml2 and libxslt, completely
independent from existing Python bindings.
.
This package contains the extension built for the Python3 debug interpreter.
