File rubygem-rails-html-sanitizer.changes of Package rubygem-rails-html-sanitizer.12047

-------------------------------------------------------------------
Fri Aug  2 09:04:03 UTC 2019 - Manuel Schnitzer <mschnitzer@suse.com>

- Add patch 0001_CVE-2018-3741-xss_vulnerability.patch
  
  This patch fixes CVE-2018-3741 (bsc#1086598)

  We don't need to update to the latest rubygem-loofah version,
  since our patched version of rubygem-loofah provides the function
  which is required to address this security hole.

-------------------------------------------------------------------
Fri Sep 15 11:11:46 UTC 2017 - rsalevsky@suse.com

- updated to version 1.0.3: (bsc#1055962)
  * boo#963326: CVE-2015-7578: XSS vulnerability via attributes
    remove CVE-2015-7578.patch
  * boo#963327: CVE-2015-7579: XSS vulnerability
    remove CVE-2015-7579.patch
  * boo#963328: CVE-2015-7580: XSS via whitelist sanitizer
    remove CVE-2015-7580.patch

-------------------------------------------------------------------
Tue Jan 26 10:31:58 UTC 2016 - jmassaguerpla@suse.com

- fix bnc#963328: CVE-2015-7580: rubygem-rails-html-sanitizer: XSS
  via whitelist sanitizer
  CVE-2015-7580.patch: contains the fix

-------------------------------------------------------------------
Mon Jan 25 18:07:42 UTC 2016 - jmassaguerpla@suse.com

- fix bnc#963327: CVE-2015-7579: rubygem-rails-html-sanitizer: XSS
  vulnerability in rails-html-sanitizer.
  CVE-2015-7579.patch: contains the fix

-------------------------------------------------------------------
Mon Jan 25 18:04:56 UTC 2016 - jmassaguerpla@suse.com

- fix bnc#963326: CVE-2015-7578: rubygem-rails-html-sanitizer: XSS
  vulnerability via attributes.
  CVE-2015-7578.patch: contains the fix

-------------------------------------------------------------------
Mon Mar 16 06:51:40 UTC 2015 - coolo@suse.com

- updated to version 1.0.2, no changelog

-------------------------------------------------------------------
Mon Feb  9 08:20:28 UTC 2015 - coolo@suse.com

- initial package (version 1.0.1)