Format: 1.8 Date: Wed, 12 Jan 2022 14:18:50 +0000 Source: lxml Binary: python3-lxml python3-lxml-dbg python-lxml-doc Architecture: source Version: 4.6.3-1ubuntu0.2~cloud0 Distribution: focal Urgency: medium Maintainer: Ubuntu Developers Changed-By: Openstack Ubuntu Testing Bot Description: python-lxml-doc - pythonic binding for the libxml2 and libxslt libraries (documenta python3-lxml - pythonic binding for the libxml2 and libxslt libraries python3-lxml-dbg - pythonic binding for the libxml2 and libxslt libraries (debug ext Changes: lxml (4.6.3-1ubuntu0.2~cloud0) focal-wallaby; urgency=medium . * New update for the Ubuntu Cloud Archive. . lxml (4.6.3-1ubuntu0.2) hirsute-security; urgency=medium . * SECURITY UPDATE: XSS vulnerability - debian/patches/CVE-2021-43818-*.patch: prevent "@import" from re-occurring in the CSS after replacements and remove SVG image data URLs since they can embed script content in src/lxml/html/clean.py, src/html/tests/test_clean.py. - CVE-2021-43818 Checksums-Sha1: 2ce080c1767df3c88307da00b47714c0e8d8316f 2130 lxml_4.6.3-1ubuntu0.2~cloud0.dsc 83e7798d0d2c74c9a5e087211e972a3d0e157cee 948931 lxml_4.6.3.orig.tar.gz 3ad538b9ebf6c12489a24dce3e8c905d504e5135 9640 lxml_4.6.3-1ubuntu0.2~cloud0.debian.tar.xz Checksums-Sha256: 9c8f87485aad260e319a4e5b6bf2c5e1f2b236bad3c2763e0f012a502f45fa3a 2130 lxml_4.6.3-1ubuntu0.2~cloud0.dsc 5955ed615b7be9407d9eab83edde8f1818c94224d762d1d6355bf0371f220bd6 948931 lxml_4.6.3.orig.tar.gz 1cafa0ad1f72f7044068d1d9d4792b6bb12700e59ae619daad728df2eeeb4a57 9640 lxml_4.6.3-1ubuntu0.2~cloud0.debian.tar.xz Files: c682c95c67bb3b271273b1ba2a5353ac 2130 python optional lxml_4.6.3-1ubuntu0.2~cloud0.dsc fd1267d952ea185db8018afe33b4895d 948931 python optional lxml_4.6.3.orig.tar.gz b9103fe9b39728a1a886d54d29776eff 9640 python optional lxml_4.6.3-1ubuntu0.2~cloud0.debian.tar.xz Original-Maintainer: Matthias Klose