Overview

File CVE-2022-23515.patch of Package rubygem-loofah.28451

--- loofah-2.2.2/lib/loofah/html5/whitelist.rb.old	2023-03-26 19:11:52.347909975 +0200
+++ loofah-2.2.2/lib/loofah/html5/whitelist.rb	2023-03-26 19:12:46.679908606 +0200
@@ -150,7 +150,7 @@
       telnet webcal xmpp callto feed urn aim rsync tag ssh sftp rtsp afs data]
 
       ACCEPTABLE_URI_DATA_MEDIATYPES = Set.new %w[text/plain text/css image/png image/gif
-        image/jpeg image/svg+xml]
+        image/jpeg]
 
       # subclasses may define their own versions of these constants
       ALLOWED_ELEMENTS = ACCEPTABLE_ELEMENTS + MATHML_ELEMENTS + SVG_ELEMENTS
openSUSE Build Service is sponsored by
Places