ruby-sanitize 2.1.0-2+deb9u1build0.16.04.1 source package in Ubuntu

Changelog

ruby-sanitize (2.1.0-2+deb9u1build0.16.04.1) xenial-security; urgency=medium

  * fake sync from Debian

ruby-sanitize (2.1.0-2+deb9u1) stretch-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Improper filtering by libxml2 leads to HTML injection vulnerability
    (CVE-2018-3740) (Closes: #893610)
  * Drop fix-tests-sanitize.patch patch

 -- Mike Salvatore <email address hidden>  Tue, 05 Feb 2019 12:31:46 -0500

Upload details

Uploaded by: Mike Salvatore
Uploaded to: Xenial
Original maintainer: Debian Ruby Extras Maintainers
Architectures: all
Section: ruby
Urgency: Very Urgent

Publishing

Series Pocket Published Component Section
Xenial updates universe misc
Xenial security universe misc

Builds

Xenial: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
ruby-sanitize_2.1.0.orig.tar.gz 17.7 KiB 3b6aaf24987ad656bc240905fbca73508b1d0c39411f2c84997125b3d00571e5
ruby-sanitize_2.1.0-2+deb9u1build0.16.04.1.debian.tar.xz 7.8 KiB ac273a8ff9662c508d7f33ebb35e2dcf627fdef5fcd3e0331a0891e518d419be
ruby-sanitize_2.1.0-2+deb9u1build0.16.04.1.dsc 2.1 KiB 46f4e5d90f9bf7d458044aa705faf92279ca49c9100944ea95c881c7b4e744ed

Binary packages built by this source

ruby-sanitize: whitelist-based HTML sanitizer

 Sanitize is a whitelist-based HTML sanitizer. Given a list of acceptable
 elements and attributes, Sanitize will remove all unacceptable HTML from a
 string.
 .
 Using a simple configuration syntax, you can tell Sanitize to allow certain
 elements, certain attributes within those elements, and even certain URL
 protocols within attributes that contain URLs. Any HTML elements or attributes
 that you don't explicitly allow will be removed.
 .
 Because it's based on Nokogiri, a full-fledged HTML parser, rather than a bunch
 of fragile regular expressions, Sanitize has no trouble dealing with malformed
 or maliciously-formed HTML and returning safe output.