ruby-sanitize 2.1.0-2+deb9u1build0.18.04.1 source package in Ubuntu

Changelog

ruby-sanitize (2.1.0-2+deb9u1build0.18.04.1) bionic-security; urgency=medium

  * fake sync from Debian

ruby-sanitize (2.1.0-2+deb9u1) stretch-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Improper filtering by libxml2 leads to HTML injection vulnerability
    (CVE-2018-3740) (Closes: #893610)
  * Drop fix-tests-sanitize.patch patch

 -- Mike Salvatore <email address hidden>  Tue, 05 Feb 2019 12:08:34 -0500

Upload details

Uploaded by: Mike Salvatore
Uploaded to: Bionic
Original maintainer: Debian Ruby Extras Maintainers
Architectures: all
Section: ruby
Urgency: Very Urgent

Publishing

Series Pocket Published Component Section
Bionic updates universe misc
Bionic security universe misc

Builds

Bionic: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
ruby-sanitize_2.1.0.orig.tar.gz 17.7 KiB 3b6aaf24987ad656bc240905fbca73508b1d0c39411f2c84997125b3d00571e5
ruby-sanitize_2.1.0-2+deb9u1build0.18.04.1.debian.tar.xz 7.7 KiB a7087dddcd496440836f7cf4be9d562f4a0d985854be98f0edd763ba94db6445
ruby-sanitize_2.1.0-2+deb9u1build0.18.04.1.dsc 2.1 KiB 1e4296b6604a6da162400f06fde185457d924f6bc8a42c1b19c6c529151bceb9

Binary packages built by this source

ruby-sanitize: whitelist-based HTML sanitizer

 Sanitize is a whitelist-based HTML sanitizer. Given a list of acceptable
 elements and attributes, Sanitize will remove all unacceptable HTML from a
 string.
 .
 Using a simple configuration syntax, you can tell Sanitize to allow certain
 elements, certain attributes within those elements, and even certain URL
 protocols within attributes that contain URLs. Any HTML elements or attributes
 that you don't explicitly allow will be removed.
 .
 Because it's based on Nokogiri, a full-fledged HTML parser, rather than a bunch
 of fragile regular expressions, Sanitize has no trouble dealing with malformed
 or maliciously-formed HTML and returning safe output.