lxml security update

[Thorsten Alteholz <debian@alteholz.de>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Package        : lxml
Version        : 2.2.8-2+deb6u1
CVE ID         : CVE-2014-3146
Debian Bug     : #746812

It was discovered that clean_html() function of lxml (pythonic bindings 
for the libxml2 and libxslt libraries) performed insufficient sanitisation 
for some non-printable characters. This could lead to cross-site 
scripting.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFTrFQB02K2KlS5mJARAs8hAJ9j7KcOTtceddDGgJ0cbc2Eibv3RACffjiE
bMX5dm7wPImVPfsAExFjd7E=
=1lGN
-----END PGP SIGNATURE-----