ruby-sanitize (6.0.0-1.1ubuntu0.23.10.1) mantic-security; urgency=medium * SECURITY UPDATE: XSS via style element when using "relaxed" or custom config - debian/patches/CVE-2023-36823.patch: prevent style element from premature close by escaping "</" in lib/sanitize/transformers/clean_css.rb. - CVE-2023-36823 -- Evan Caville <email address hidden> Fri, 19 Apr 2024 12:30:54 +1000