lxml 4.3.2-1+deb10u4 source package in Debian
Changelog
lxml (4.3.2-1+deb10u4) buster-security; urgency=high
* Non-maintainer upload by the Security Team.
* Cleaner: Prevent "@import" from re-occurring in the CSS after
replacements, e.g. "@@importimport" (CVE-2021-43818) (Closes: #1001885)
* Cleaner: Remove SVG image data URLs since they can embed script content
(CVE-2021-43818) (Closes: #1001885)
-- Salvatore Bonaccorso <email address hidden> Wed, 12 Jan 2022 17:58:11 +0100
Upload details
- Uploaded by:
- Matthias Klose
- Uploaded to:
- Buster
- Original maintainer:
- Matthias Klose
- Architectures:
- any all
- Section:
- python
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Buster | release | main | python |
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| lxml_4.3.2-1+deb10u4.dsc | 2.4 KiB | 77037f9d97c172d0c5d755b3403735e599644f560924a575f868e242b83febfe |
| lxml_4.3.2.orig.tar.gz | 4.2 MiB | 3a9d8521c89bf6f2a929c3d12ad3ad7392c774c327ea809fd08a13be6b3bc05f |
| lxml_4.3.2-1+deb10u4.debian.tar.xz | 11.4 KiB | 802ee2c0ce26b7323a8787811c16f15db384b45db01502e476ff219a20721f30 |
No changes file available.
