meta-openembedded

CaROS/meta-openembedded

Fork 0

mirror of git://git.openembedded.org/meta-openembedded synced 2026-01-01 13:58:06 +00:00

Commit Graph

Author	SHA1	Message	Date
Trevor Gamblin	65ebf1fe85	PATCH] python3-lxml: upgrade 4.6.3 -> 4.6.5 Release notes (https://github.com/lxml/lxml/blob/master/CHANGES.txt): 4.6.5 (2021-12-12) ================== Bugs fixed ---------- * A vulnerability (GHSL-2021-1038) in the HTML cleaner allowed sneaking script content through SVG images (CVE-2021-43818). * A vulnerability (GHSL-2021-1037) in the HTML cleaner allowed sneaking script content through CSS imports and other crafted constructs (CVE-2021-43818). 4.6.4 (2021-11-01) ================== Features added -------------- * GH#317: A new property ``system_url`` was added to DTD entities. Patch by Thirdegree. * GH#314: The ``STATIC_*`` variables in ``setup.py`` can now be passed via env vars. Patch by Isaac Jurado. Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>	2022-04-16 09:52:00 -07:00

Author

SHA1

Message

Date

Trevor Gamblin

65ebf1fe85

PATCH] python3-lxml: upgrade 4.6.3 -> 4.6.5

Release notes (https://github.com/lxml/lxml/blob/master/CHANGES.txt):

4.6.5 (2021-12-12)
==================

Bugs fixed
----------

* A vulnerability (GHSL-2021-1038) in the HTML cleaner allowed sneaking script
  content through SVG images (CVE-2021-43818).

* A vulnerability (GHSL-2021-1037) in the HTML cleaner allowed sneaking script
  content through CSS imports and other crafted constructs (CVE-2021-43818).

4.6.4 (2021-11-01)
==================

Features added
--------------

* GH#317: A new property ``system_url`` was added to DTD entities.
  Patch by Thirdegree.

* GH#314: The ``STATIC_*`` variables in ``setup.py`` can now be passed via env vars.
  Patch by Isaac Jurado.

Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>

2022-04-16 09:52:00 -07:00

1 Commits