Overview

File rubygem-rails-html-sanitizer.changes of Package rubygem-rails-html-sanitizer.30520

-------------------------------------------------------------------
Thu Aug 31 12:27:12 UTC 2023 - Paolo Perego <paolo.perego@suse.com>

- Fixing typos in CVEs corrected by prior submission

-------------------------------------------------------------------
Wed Aug 30 16:48:07 UTC 2023 - Paolo Perego <paolo.perego@suse.com>

- Add patch 0002_CVE-2022-23517_CVE-2022-23518_CVE-2022-23519_CVE-2022-23520.patch

  This patch fixes 4 different CVEs:
  * CVE-2022-23517 (bsc#1206433)
  * CVE-2022-23518 (bsc#1206434)
  * CVE-2022-23519 (bsc#1206435)
  * CVE-2022-23520 (bsc#1206436)

  In order to have the
  0002_CVE-2022-23517_CVE-2022-23518_CVE-2022-23519_CVE-2022-23520.patch
  working smoothly I monkey patched loofah API and crass rubygem code into
  rails-html-sanitizer.

-------------------------------------------------------------------
Thu Aug 18 07:28:48 UTC 2022 - Manuel Schnitzer <mschnitzer@suse.com>

- Add patch 0001_CVE-2022-32209.patch

  This patch fixes CVE-2022-32209 (bsc#1201183)

-------------------------------------------------------------------
Fri Mar 23 09:55:41 UTC 2018 - dkang@suse.com

- updated to version 1.0.4
  * CVE-2018-3741: XSS vulnerability
  see installed CHANGELOG.md
  fix bsc#1086598

-------------------------------------------------------------------
Tue Jan 26 05:35:48 UTC 2016 - coolo@suse.com

- updated to version 1.0.3:
  * boo#963326: CVE-2015-7578: XSS vulnerability via attributes
  * boo#963327: CVE-2015-7579: XSS vulnerability
  * boo#963328: CVE-2015-7580: XSS via whitelist sanitizer

-------------------------------------------------------------------
Mon Mar 16 06:51:40 UTC 2015 - coolo@suse.com

- updated to version 1.0.2, no changelog

-------------------------------------------------------------------
Mon Feb  9 08:20:28 UTC 2015 - coolo@suse.com

- initial package (version 1.0.1)
openSUSE Build Service is sponsored by
Places