Opened 4 months ago

Closed 4 months ago

#14808 closed enhancement (fixed)

lxml-4.6.3 (Python Module)

Reported by: Douglas R. Reno Owned by: Douglas R. Reno
Priority: elevated Milestone: 10.2
Component: BOOK Version: SVN
Severity: normal Keywords:


New point version

Change History (3)

comment:1 by Douglas R. Reno, 4 months ago

Owner: changed from blfs-book to Douglas R. Reno
Status: newassigned

comment:2 by Douglas R. Reno, 4 months ago

Priority: normalelevated
4.6.3 (2021-03-21)
Bugs fixed

    A vulnerability (CVE-2021-28957) was discovered in the HTML Cleaner by Kevin Chung, which allowed JavaScript to pass through. The cleaner now removes the HTML5 formaction attribute.

This is marked as Medium out at NVD.

comment:3 by Douglas R. Reno, 4 months ago

Resolution: fixed
Status: assignedclosed

Fixed at r24406

Note: See TracTickets for help on using tickets.