godotengine/buildroot
1
0
Fork 0
mirror of https://github.com/godotengine/buildroot.git synced 2026-01-04 06:10:16 +03:00
Code Issues Packages Projects Releases Wiki Activity

package/python-lxml: security bump to version 4.6.2

Browse Source 
Fixes the following security issues:

* 4.6.2: A vulnerability (CVE-2020-27783) was discovered in the HTML Cleaner
  by Yaniv Nizry, which allowed JavaScript to pass through.  The cleaner now
  removes more sneaky "style" content.

* 4.6.1: A vulnerability was discovered in the HTML Cleaner by Yaniv Nizry,
  which allowed JavaScript to pass through.  The cleaner now removes more
  sneaky "style" content.

For more details, see the changes file:
https://github.com/lxml/lxml/blob/lxml-4.6.2/CHANGES.txt

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Peter Korsgaard
2020-12-14 00:01:52 +01:00
parent 2af6d8a875
commit ea41a5faab
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
package/python-lxml/python-lxml.mk
View File

@@ -4,8 +4,8 @@
#
################################################################################
PYTHON_LXML_VERSION = 4.5.1
PYTHON_LXML_SITE = https://files.pythonhosted.org/packages/03/a8/73d795778143be51d8b86750b371b3efcd7139987f71618ad9f4b8b65543
PYTHON_LXML_VERSION = 4.6.2
PYTHON_LXML_SITE = https://files.pythonhosted.org/packages/db/f7/43fecb94d66959c1e23aa53d6161231dca0e93ec500224cf31b3c4073e37
PYTHON_LXML_SOURCE = lxml-$(PYTHON_LXML_VERSION).tar.gz
# Not including the GPL, because it is used only for the test scripts.