Opened 17 months ago

Closed 17 months ago

Last modified 12 months ago

#14808 closed enhancement (fixed)

lxml-4.6.3 (Python Module)

Reported by: Douglas R. Reno Owned by: Douglas R. Reno
Priority: elevated Milestone: 11.0
Component: BOOK Version: SVN
Severity: normal Keywords:


New point version

Change History (4)

comment:1 by Douglas R. Reno, 17 months ago

Owner: changed from blfs-book to Douglas R. Reno
Status: newassigned

comment:2 by Douglas R. Reno, 17 months ago

Priority: normalelevated
4.6.3 (2021-03-21)
Bugs fixed

    A vulnerability (CVE-2021-28957) was discovered in the HTML Cleaner by Kevin Chung, which allowed JavaScript to pass through. The cleaner now removes the HTML5 formaction attribute.

This is marked as Medium out at NVD.

comment:3 by Douglas R. Reno, 17 months ago

Resolution: fixed
Status: assignedclosed

Fixed at r24406

comment:4 by Bruce Dubbs, 12 months ago

Milestone: 10.211.0

Milestone renamed

Note: See TracTickets for help on using tickets.