python-lxml
http://codespeak.net/lxml
lxml is a Pythonic, mature binding for the libxml2 and libxslt libraries. It provides safe and convenient access to these libraries using the ElementTree API. It extends the ElementTree API significantly to offer support for XPath, RelaxNG, XML Schema, XSLT, C14N and much more.
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout Cloud:OpenStack:Rocky/python-lxml && cd $_ - Create Badge
Refresh
Refresh
Source Files
| Filename | Size | Changed |
|---|---|---|
| 0001-CVE-2018-19787.patch | 0000003057 2.99 KB | |
| 0001-CVE-2020-27783.patch | 0000001748 1.71 KB | |
| 0001-CVE-2021-28957.patch | 0000001890 1.85 KB | |
| 0001-CVE-2021-43818.patch | 0000004235 4.14 KB | |
|
0001-Make-test-more-resilient-against-changes-in-l |
0000001567 1.53 KB | |
| 0002-CVE-2020-27783.patch | 0000005237 5.11 KB | |
| 0002-CVE-2021-43818.patch | 0000002223 2.17 KB | |
| lxml-4.2.4.tar.gz | 0002545289 2.43 MB | |
| lxmldoc-4.2.4.pdf | 0001148892 1.1 MB | |
| python-lxml.changes | 0000058068 56.7 KB | |
| python-lxml.spec | 0000004245 4.15 KB |
Latest Revision
Jeremy Moffitt (jeremy_moffitt)
accepted
request 967839
from
Earl Sampson (esampson)
(revision 4)
- Fix bsc#1179534 (CVE-2020-27783) mXSS due to the use of improper parser Patch files: 0001-CVE-2020-27783.patch 0002-CVE-2020-27783.patch - Fix bsc#1118088 (CVE-2018-19787) lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks Patch file: 0001-CVE-2018-19787.patch - Fix bsc#1184177 (CVE-2021-28957) missing input sanitization for formaction HTML5 attributes may lead to XSS Patch file: 0001-CVE-2021-28957.patch - Fix bsc#1193752 (CVE-2021-43818) Cleaner: Remove SVG image data URLs since they can embed script content. Reported as GHSL-2021-1037 and GHSL-2021-1038 Patch files 0001-CVE-2021-43818.patch 0002-CVE-2021-43818.patch
Comments 0