HomeSolus

Update python-bleach to 2.1.3

Authored by EP01 on Mar 11 2018, 2:13 PM.

Description

Update python-bleach to 2.1.3

Summary:

  • Attributes that have URI values weren't properly sanitized if the values contained character entities. Using character entities, it was possible to construct a URI value with a scheme that was not allowed that would slide through unsanitized.
  • Fixed some other edge cases for attribute URI value sanitizing and improved testing of this code.

Test Plan: Tested with spyder and spyder3.

Reviewers: Triage Team, DataDrake

Reviewed By: Triage Team, DataDrake

Subscribers: DataDrake

Tags: #security

Differential Revision: https://dev.solus-project.com/D2448

Details

Committed
DataDrakeMar 11 2018, 2:14 PM
Pushed
DataDrakeMar 11 2018, 2:14 PM
Reviewer
Triage Team
Differential Revision
D2448: Update python-bleach to 2.1.3
Parents
R3708:9c94cc4f540e: Rebuild for python 3.6
Branches
Unknown
Tags
Unknown
References
tag: python-bleach-2.1.3-5