+4.6.3 (2021-03-21) +================== + +Bugs fixed +---------- + +* A vulnerability (CVE-2021-28957) was discovered in the HTML Cleaner by Kevin Chung, + which allowed JavaScript to pass through. The cleaner now removes the HTML5 + ``formaction`` attribute.
Unable to check for sanity: > no match for package: dev-python/lxml-4.6.3
Resetting sanity check; keywords are not fully specified and arches are not CC-ed.
sparc done
hppa stable
x86 stable
amd64 done
ppc done
ppc64 done
arm64 done
s390 stable
arm done all arches done
Please cleanup
Package list is empty or all packages have requested keywords.
GLSA request filed.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=00cb8ca9acda9480b2cbc77e709e6f1c6d0babf4 commit 00cb8ca9acda9480b2cbc77e709e6f1c6d0babf4 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-08-10 03:53:32 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-08-10 04:16:21 +0000 [ GLSA 202208-06 ] lxml: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/777579 Bug: https://bugs.gentoo.org/829053 Bug: https://bugs.gentoo.org/856598 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202208-06.xml | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+)
GLSA released, all done!