libhtml-stripscripts-perl 1.06-1ubuntu0.22.04.1 source package in Ubuntu
Changelog
libhtml-stripscripts-perl (1.06-1ubuntu0.22.04.1) jammy-security; urgency=medium
* SECURITY UPDATE: Regular expression Denial of Service
- debian/patches/CVE-2023-24038.patch: Handler for style attribute
is vulnerable to ReDoS.
- CVE-2023-24038
-- Paulo Flabiano Smorigo <email address hidden> Mon, 15 May 2023 17:04:41 -0300
Upload details
- Uploaded by:
- Paulo Flabiano Smorigo
- Uploaded to:
- Jammy
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- perl
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Jammy | updates | universe | perl | |
| Jammy | security | universe | perl |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| libhtml-stripscripts-perl_1.06.orig.tar.gz | 43.7 KiB | 222bfb7ec1fdfa465e32da3dc4abed2edc7364bbe19e8e3c513c7d585b0109ad |
| libhtml-stripscripts-perl_1.06-1ubuntu0.22.04.1.debian.tar.xz | 3.7 KiB | 111e6bddb0c12d208e8d8617fee8069f7b303025831548d78e1bad3c116ecd91 |
| libhtml-stripscripts-perl_1.06-1ubuntu0.22.04.1.dsc | 2.4 KiB | 0516341118c2e2bb052f27e177e10b3443f44f5d28cd6c7b521668fe10a2c481 |
Available diffs
Binary packages built by this source
- libhtml-stripscripts-perl: module for removing scripts from HTML
HTML::StripScripts is a Perl module for neutralizes scripting constructs in
HTML, leaving as much non-scripting markup in place as possible. This allows
web applications to display HTML originating from an untrusted source without
introducing cross-site scripting (XSS) vulnerabilities.
.
The process is based on whitelists of tags, attributes and attribute values.
This approach is the most secure against disguised scripting constructs hidden
in malicious HTML documents.
.
As well as removing scripting constructs, this module ensures that there is a
matching end for each start tag, and that the tags are properly nested.
.
You will probably use HTML::StripScripts::Parser rather than using this module
directly (see libhtml-stripscripts- parser- perl).
