Publishing details
Changelog
lxml (4.2.1-1ubuntu0.6) bionic-security; urgency=medium
* SECURITY UPDATE: XSS vulnerability
- debian/patches/CVE-2021-43818-*.patch: prevent "@import"
from re-occurring in the CSS after replacements and remove
SVG image data URLs since they can embed script content in
src/lxml/html/clean.py, src/html/tests/test_clean.py.
- CVE-2021-43818
-- Leonidas Da Silva Barbosa <email address hidden> Tue, 04 Jan 2022 10:51:53 -0300
Builds
Built packages
-
python-lxml
pythonic binding for the libxml2 and libxslt libraries
-
python-lxml-dbg
pythonic binding for the libxml2 and libxslt libraries (debug extension)
-
python-lxml-doc
pythonic binding for the libxml2 and libxslt libraries (documentation)
-
python3-lxml
pythonic binding for the libxml2 and libxslt libraries
-
python3-lxml-dbg
pythonic binding for the libxml2 and libxslt libraries (debug extension)
Package files