Fedora 13 Update: perl-HTML-Defang-1.04-1.fc13
updates at fedoraproject.org
updates at fedoraproject.org
Fri Jan 14 20:32:07 UTC 2011
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-0195
2011-01-06 19:07:38
--------------------------------------------------------------------------------
Name : perl-HTML-Defang
Product : Fedora 13
Version : 1.04
Release : 1.fc13
URL : http://search.cpan.org/dist/HTML-Defang/
Summary : Cleans HTML and CSS of executable contents
Description :
This module accepts an input HTML and/or CSS string and removes any
executable code including scripting, embedded objects, applets, etc., and
neutralises any XSS attacks. A whitelist based approach is used which means
only HTML known to be safe is allowed through.
--------------------------------------------------------------------------------
Update Information:
This update to the latest upstream version includes:
* Change defang_and_add_to_output to delay the defanging until after the current tag is actually emitted to the output
* If url callback has marked the attribute as to be defanged, skip result of attribute callback
* Track <a> tags as part of mismatched tag tracking
* allow attribute values upto 16384 chars long
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 6 2011 Iain Arnell <iarnell at gmail.com> 1.04-1
- update to latest upstream version
- clean up spec for modern rpmbuild
* Fri Dec 17 2010 Marcela Maslanova <mmaslano at redhat.com> - 1.03-2
- 661697 rebuild for fixing problems with vendorach/lib
* Tue Jun 15 2010 Iain Arnell <iarnell at gmail.com> 1.03-1
- update to latest upstream
* Sun May 2 2010 Marcela Maslanova <mmaslano at redhat.com> - 1.02-3
- Mass rebuild with perl-5.12.0
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update perl-HTML-Defang' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list