1) CVE-2020-6816 Description: "In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCDATA and either svg or math tags are whitelisted and the keyword argument strip=False." URL: https://github.com/mozilla/bleach/security/advisories/GHSA-m6xf-fq7q-8743 2) CVE-2020-6802 Description: "In Mozilla Bleach before 3.11, a mutation XSS affects users calling bleach.clean with noscript and a raw tag in the allowed/whitelisted tags option." URL: https://github.com/mozilla/bleach/security/advisories/GHSA-q65m-pv3f-wr5r
@maintainer(s), please advise if you are ready for stabilisation, or call yourself.
ppc stable
ppc64 stable
s390 stable
sparc stable
x86 stable
amd64 stable
arm64 stable
arm/hppa/ia64 ALLARCHES stable
Cleanup was done by zlogene in: https://bugs.gentoo.org/715058#c8 noglsa because XSS bug. Closing.