Next | Query returned 3 messages, browsing 1 to 10 | previous
CVS Commit History:
2023-09-18 19:37:33 by Takahiro Kambe | Files touched by this commit (2)
Log message:
textproc/ruby-sanitize: update to 6.1.0
6.1.0 (2023-09-14)
Features
* Added the text-decoration-skip-ink and text-decoration-thickness CSS
properties to the relaxed config. @martineriksson - #228
2023-07-09 04:56:28 by Takahiro Kambe | Files touched by this commit (2)
Log message:
textproc/ruby-sanitize: update to 6.0.2
6.0.2 (2023-07-06)
Bug Fixes
* CVE-2023-36823: Fixed an HTML+CSS sanitization bypass that could allow XSS
(cross-site scripting). This issue affects Sanitize versions 3.0.0 through
6.0.1.
When using Sanitize's relaxed config or a custom config that allows
<style> elements and one or more CSS at-rules, carefully crafted input
could be used to sneak arbitrary HTML through Sanitize.
See the following security advisory for additional details:
GHSA-f5ww-cq3m-q3g7
Thanks to @cure53 for finding this issue.
2022-08-30 17:37:23 by Takahiro Kambe | Files touched by this commit (4)
Log message:
textproc/ruby-sanitize: add package version 6.0.0
It is required for forthcoming redmine50 package.
Sanitize is an allowlist-based HTML and CSS sanitizer. It removes all HTML
and/or CSS from a string except the elements, attributes, and properties you
choose to allow.