Accepted libhtmlcleaner-java 2.26-1+deb12u1 (source) into proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 7 Aug 2023 18:17:55 CEST
Source: libhtmlcleaner-java
Architecture: source
Version: 2.26-1+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Alexandre Rossi <alexandre.rossi@gmail.com>
Changed-By: Markus Koschany <apo@debian.org>
Checksums-Sha1:
76ae5ba9f0674e4d00b3909edfaf88cb5a04f598 2396 libhtmlcleaner-java_2.26-1+deb12u1.dsc
d6f9d95cb52760deba3768ecb76aa737341da7a8 205040 libhtmlcleaner-java_2.26.orig.tar.xz
c1b302f8a4e34feab5fbd4076d176e1f8fda2977 9596 libhtmlcleaner-java_2.26-1+deb12u1.debian.tar.xz
035654677e8f1353a12c7b21128d0265841bd694 15381 libhtmlcleaner-java_2.26-1+deb12u1_amd64.buildinfo
Checksums-Sha256:
c82899da2bf59c41b47355d70817bd615447ec94551270fd90f4c1b210f71cc9 2396 libhtmlcleaner-java_2.26-1+deb12u1.dsc
97911a4fba03c64e13ae4d38a7b2f56c73075c1c38e418bfca1b520d8821be6c 205040 libhtmlcleaner-java_2.26.orig.tar.xz
a89cd6cc7cabf43f93fb0c58c919515ebd7917910a2761ef6fcf5bae4a464651 9596 libhtmlcleaner-java_2.26-1+deb12u1.debian.tar.xz
578cfbc2dcf8371bd8c34496eb7680792bf5088fd6fc005d9f78594a7d96abb2 15381 libhtmlcleaner-java_2.26-1+deb12u1_amd64.buildinfo
Changes:
libhtmlcleaner-java (2.26-1+deb12u1) bookworm-security; urgency=high
.
* Non-maintainer upload.
* Fix CVE-2023-34624:
A security vulnerability has been discovered in libhtmlcleaner-java, a Java
HTML parser library. An attacker was able to cause a denial of service
(StackOverflowError) if the parser runs on user supplied input with deeply
nested HTML elements. This update introduces a new nesting depth limit
which can be overridden in cleaner properties.
Files:
b2b2183edc04c37b0b67ca76d0104d84 2396 java optional libhtmlcleaner-java_2.26-1+deb12u1.dsc
401c68be313ef81ce19b986cdc3f4d37 205040 java optional libhtmlcleaner-java_2.26.orig.tar.xz
0614b4cad74ad5973cf58d06e394a154 9596 java optional libhtmlcleaner-java_2.26-1+deb12u1.debian.tar.xz
1c83405453b84b32e4a05cd56d3580c7 15381 java optional libhtmlcleaner-java_2.26-1+deb12u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmTRGXVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hkz/cQAKlHYoTz12XNel9nCkHLIgZ5PhrpFdDCR83k
d9id/gQiaFuNcgcfGE1DAUceYc7ioKZ3Kesiif6pJ1yd9hL4e0za6401XuTZ4eWd
XOb2QAgKe6f9zrSjcVRZy3Wi/CFVGUvFFZlwuydR8afsxTlJ0EcZXdA4gqKKxPB5
M6zzf/0b2THeWF+wvOxiErFMf2TpBCwyIeG1kPqe6FmfX+uI+iZjuVhuFkIe4XnS
FZQ38ec+yMJbT/lqgRbF4b9YrrFEQbiSS4mVsovdoXZ4EGMp9JkUMnDAFn8GVOsS
UwA8Dp+MuY3eNw+DSQ4F7V79maBGoPOu+B8xkWNjPFbujadID8Y2ZDfc3RnXIVgM
sUXu8DE2+OzkYM5i63A2zJZMJn4k9ENTnMdlf4ehsHUaHbArwWUz5zvdUdDJ4sGE
Zrq0r7HIEhgtxq5y78S3Dw5gybliKuztYACRXBUW29iOBYl4VjIEQuob7sUjPiTO
0fa31kD44y8I+yKyszMSpc2BBGldmZtxhplMxwZrzl/GROrm6y6uzTzpNN9S94nX
9Giquk+nvJtoNdXZSIgvaT67+bjQxg3CKnQUw0ERqtDDNiRCrW3OhbxDbvuHojP2
rK9j06COBBlYK2Pbs0tsF7OWiriJdKiy38cEpMq0kx/ZcPjJn5hzXjMPJ3G3Gt56
9tQUeAQ/
=pNzZ
-----END PGP SIGNATURE-----
Reply to: