lxml security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Package : lxml
Version : 2.2.8-2+deb6u1
CVE ID : CVE-2014-3146
Debian Bug : #746812
It was discovered that clean_html() function of lxml (pythonic bindings
for the libxml2 and libxslt libraries) performed insufficient sanitisation
for some non-printable characters. This could lead to cross-site
scripting.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFTrFQB02K2KlS5mJARAs8hAJ9j7KcOTtceddDGgJ0cbc2Eibv3RACffjiE
bMX5dm7wPImVPfsAExFjd7E=
=1lGN
-----END PGP SIGNATURE-----
Reply to: