ruby-rails-html-sanitizer 1.0.3-1 source package in Ubuntu
Changelog
ruby-rails-html-sanitizer (1.0.3-1) unstable; urgency=high

  * New upstream release. Contains fixes for several XSS vulnerabilities:
    CVE-2015-7578 CVE-2015-7579 CVE-2015-7580 (Closes: #812814)
  * debian/ruby-tests.rake: re-enable test that was disabled
  * 0001-Skip-some-tests-under-Debian.patch: skip tests where the sanitized
    HTML is XSS-free but does not match the exact content expected by the
    upstream test suite. I suspect that is due to Nokogiri not using its own
    patched version of libxml2 in Debian, but can't be sure of that yet.
    Also, the same tests would already fail on 1.0.2 if enabled.

 -- Antonio Terceiro <email address hidden>  Tue, 26 Jan 2016 19:36:51 -0200
Upload details
- Uploaded by: Debian Ruby Extras Maintainers
- Uploaded to: Sid
- Original maintainer: Debian Ruby Extras Maintainers
- Architectures: all
- Section: misc
- Urgency: Very Urgent
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
ruby-rails-html-sanitizer_1.0.3-1.dsc | 2.2 KiB | 2ef86a8ee84d0ccf7b19d524d3fea04693499b2d1b314af26a3f651954e522ee |
ruby-rails-html-sanitizer_1.0.3.orig.tar.gz | 11.7 KiB | 5727cbb975fcf8ccf18a7dee5e3db45dfe15a416f5468009bd33252c3bf490f7 |
ruby-rails-html-sanitizer_1.0.3-1.debian.tar.xz | 3.2 KiB | 4ab79e55188505e1ae79649678a4f508d7ab2f41c96e0c2c0df6526ef509635d |
Available diffs
- diff from 1.0.2-1 to 1.0.3-1 (7.2 KiB)
No changes file available.
Binary packages built by this source
- ruby-rails-html-sanitizer: HTML sanitization for Rails applications
This gem is responsible for sanitizing HTML fragments in Rails applications.
In Rails 4.2 and above it backs the sanitize, sanitize_css, strip_tags and
strip_links methods.