ruby-rails-html-sanitizer 1.0.3-1 source package in Ubuntu


ruby-rails-html-sanitizer (1.0.3-1) unstable; urgency=high

  * New upstream release. Contains fixes for several XSS vulnerabilities:
    CVE-2015-7578 CVE-2015-7579 CVE-2015-7580 (Closes: #812814)
  * debian/ruby-tests.rake: re-enable test that was disabled
  * 0001-Skip-some-tests-under-Debian.patch: skip tests where the sanitized
    HTML is XSS-free but does not match the exact content expected by the
    upstream test suite. I suspect that is due to Nokogiri not using its own
    patched version of libxml2 in Debian, but can't be sure of that yet.
    Also, the same tests would already fail on 1.0.2 if enabled.

 -- Antonio Terceiro <email address hidden>  Tue, 26 Jan 2016 19:36:51 -0200

Upload details

Uploaded by: Debian Ruby Extras Maintainers
Uploaded to:
Original maintainer: Debian Ruby Extras Maintainers
Urgency: Very Urgent


Xenial: [FULLYBUILT] amd64


File Size SHA-256 Checksum
ruby-rails-html-sanitizer_1.0.3-1.dsc 2.2 KiB 2ef86a8ee84d0ccf7b19d524d3fea04693499b2d1b314af26a3f651954e522ee
ruby-rails-html-sanitizer_1.0.3.orig.tar.gz 11.7 KiB 5727cbb975fcf8ccf18a7dee5e3db45dfe15a416f5468009bd33252c3bf490f7
ruby-rails-html-sanitizer_1.0.3-1.debian.tar.xz 3.2 KiB 4ab79e55188505e1ae79649678a4f508d7ab2f41c96e0c2c0df6526ef509635d

Binary packages built by this source

ruby-rails-html-sanitizer: HTML sanitization for Rails applications

 This gem is responsible for sanitizing HTML fragments in Rails applications.
 In Rails 4.2 and above, it performs the sanitization behind the sanitize,
 sanitize_css, strip_tags and strip_links methods.