libhtml-stripscripts-perl 1.06-4 source package in Ubuntu
Changelog
libhtml-stripscripts-perl (1.06-4) unstable; urgency=medium
* Team upload.
* Handler for style attribute is vulnerable to ReDoS (CVE-2023-24038)
(Closes: #1029400)
-- Salvatore Bonaccorso <email address hidden> Tue, 24 Jan 2023 12:43:22 +0100
Upload details
- Uploaded by:
- Debian Perl Group
- Uploaded to:
- Sid
- Original maintainer:
- Debian Perl Group
- Architectures:
- all
- Section:
- perl
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Oracular | release | universe | perl | |
| Noble | release | universe | perl | |
| Mantic | release | universe | perl | |
| Lunar | release | universe | perl |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| libhtml-stripscripts-perl_1.06-4.dsc | 2.3 KiB | 73bcef919315fb78cdd45126daa3a859c0e0461b5458187e23bd04c3ba7b54ce |
| libhtml-stripscripts-perl_1.06.orig.tar.gz | 43.7 KiB | 222bfb7ec1fdfa465e32da3dc4abed2edc7364bbe19e8e3c513c7d585b0109ad |
| libhtml-stripscripts-perl_1.06-4.debian.tar.xz | 4.0 KiB | 9d17f705aef95dfab81aad44f244860ce3c61764cf23e7d3ae827785b119ea0b |
Available diffs
- diff from 1.06-3 to 1.06-4 (1.5 KiB)
No changes file available.
Binary packages built by this source
- libhtml-stripscripts-perl: module for removing scripts from HTML
HTML::StripScripts is a Perl module for neutralizes scripting constructs in
HTML, leaving as much non-scripting markup in place as possible. This allows
web applications to display HTML originating from an untrusted source without
introducing cross-site scripting (XSS) vulnerabilities.
.
The process is based on whitelists of tags, attributes and attribute values.
This approach is the most secure against disguised scripting constructs hidden
in malicious HTML documents.
.
As well as removing scripting constructs, this module ensures that there is a
matching end for each start tag, and that the tags are properly nested.
.
You will probably use HTML::StripScripts::Parser rather than using this module
directly (see libhtml-stripscripts- parser- perl).
