ruby-sanitize 2.1.0-2+deb9u1build0.18.04.1 source package in Ubuntu
Changelog
ruby-sanitize (2.1.0-2+deb9u1build0.18.04.1) bionic-security; urgency=medium

  * fake sync from Debian

ruby-sanitize (2.1.0-2+deb9u1) stretch-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Improper filtering by libxml2 leads to HTML injection vulnerability
    (CVE-2018-3740) (Closes: #893610)
  * Drop fix-tests-sanitize.patch patch

 -- Mike Salvatore <email address hidden>  Tue, 05 Feb 2019 12:08:34 -0500
Upload details
- Uploaded by: Mike Salvatore
- Uploaded to: Bionic
- Original maintainer: Debian Ruby Extras Maintainers
- Architectures: all
- Section: ruby
- Urgency: Very Urgent
Publishing
Series | Pocket | Published | Component | Section |
---|---|---|---|---|
Bionic | updates | | universe | misc |
Bionic | security | | universe | misc |
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
ruby-sanitize_2.1.0.orig.tar.gz | 17.7 KiB | 3b6aaf24987ad656bc240905fbca73508b1d0c39411f2c84997125b3d00571e5 |
ruby-sanitize_2.1.0-2+deb9u1build0.18.04.1.debian.tar.xz | 7.7 KiB | a7087dddcd496440836f7cf4be9d562f4a0d985854be98f0edd763ba94db6445 |
ruby-sanitize_2.1.0-2+deb9u1build0.18.04.1.dsc | 2.1 KiB | 1e4296b6604a6da162400f06fde185457d924f6bc8a42c1b19c6c529151bceb9 |
Binary packages built by this source
- ruby-sanitize: whitelist-based HTML sanitizer
Sanitize is a whitelist-based HTML sanitizer. Given a list of acceptable
elements and attributes, Sanitize will remove all unacceptable HTML from a
string.

Using a simple configuration syntax, you can tell Sanitize to allow certain
elements, certain attributes within those elements, and even certain URL
protocols within attributes that contain URLs. Any HTML elements or attributes
that you don't explicitly allow will be removed.

Because it's based on Nokogiri, a full-fledged HTML parser, rather than a bunch
of fragile regular expressions, Sanitize has no trouble dealing with malformed
or maliciously-formed HTML and returning safe output.