Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted python-bleach 1.4-1+deb8u1 (source all) into oldoldstable
Date: Wed, 01 Apr 2020 17:10:15 +0000
Signed by: Roberto C. Sanchez <roberto@familiasanchez.net>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 01 Apr 2020 11:43:53 -0400
Source: python-bleach
Binary: python-bleach python3-bleach python-bleach-doc
Architecture: source all
Version: 1.4-1+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Per Andersson <avtobiff@gmail.com>
Changed-By: Roberto C. Sanchez <roberto@debian.org>
Description:
 python-bleach - whitelist-based HTML-sanitizing library (Python 2)
 python-bleach-doc - whitelist-based HTML-sanitizing library (common documentation)
 python3-bleach - whitelist-based HTML-sanitizing library (Python 3)
Closes: 955388
Changes:
 python-bleach (1.4-1+deb8u1) jessie-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * Fix CVE-2020-6817: Calls to bleach.clean with an allowed tag with an
     allowed style attribute are vulnerable toregular expression denial of
     service (ReDoS). (Closes: #955388)
Checksums-Sha1:
 a2355b5bfcca75dbb19a418db9fa3b321098ec29 2305 python-bleach_1.4-1+deb8u1.dsc
 1444048c8904a9e2b56e5dd3f047538cab0cf9bf 28218 python-bleach_1.4.orig.tar.gz
 5ae14dc283c0d23cef084f515164e1557a2cdb08 4280 python-bleach_1.4-1+deb8u1.debian.tar.xz
 d3d659f875eeca8a8ad52b9ea49d0eb821545e4a 20274 python-bleach_1.4-1+deb8u1_all.deb
 092ca8bee1ca3581a1a87a0e715e7eff287cdb5b 20368 python3-bleach_1.4-1+deb8u1_all.deb
 9e3ebcdc56235d6c25f2b43c33174d6ce21ae5e6 28532 python-bleach-doc_1.4-1+deb8u1_all.deb
Checksums-Sha256:
 06341971ace865a4d3f667c287963c9db2d0b9b6c822325d9cc5240e2a99097a 2305 python-bleach_1.4-1+deb8u1.dsc
 ea611d0215b382154edbff7d190c7f68866ec66023e4c38a461c35382ce40319 28218 python-bleach_1.4.orig.tar.gz
 f3291a2c2171c9ff96a2807796d70006c0d2cd96a68d0de84ab6862aa9694bff 4280 python-bleach_1.4-1+deb8u1.debian.tar.xz
 13b8ed012b3d89d3cf76c45db246352f33921702145bf76937818044b3d85f4f 20274 python-bleach_1.4-1+deb8u1_all.deb
 720de73eb92d4818e08512dda4a836b06c0fccf972f18d568558cf4bf185f25e 20368 python3-bleach_1.4-1+deb8u1_all.deb
 6f61e024329f192f4a5146e1fa7ceb8604c722badc60db070bac703bbbe72eb2 28532 python-bleach-doc_1.4-1+deb8u1_all.deb
Files:
 d6ecc6a1ffb988727cddbe6eb3243190 2305 python optional python-bleach_1.4-1+deb8u1.dsc
 8f80cb2bd16862d37eea213a53b18d4f 28218 python optional python-bleach_1.4.orig.tar.gz
 fcbf407ed1a13bb03de33e284b4752b2 4280 python optional python-bleach_1.4-1+deb8u1.debian.tar.xz
 ab927a4c2b031c17111e7d59b30ad5e9 20274 python optional python-bleach_1.4-1+deb8u1_all.deb
 f9b11d485641effa9bcb95d9800c95d1 20368 python optional python3-bleach_1.4-1+deb8u1_all.deb
 0ea463df9ad005e9a8f5a11b4a3a93fe 28532 doc optional python-bleach-doc_1.4-1+deb8u1_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEz9ERzDttUsU/BH8iLNd4Xt2nsg8FAl6Ex10ACgkQLNd4Xt2n
sg++rw/9FNtNoetXBuxaQbuK1J2VM+9r0GiMMbYxYvpJypNvQUUBKCDB36rvmcUO
CAGmIRimChDyXgdJzfFB9oJvLvgwaEQ6pQXT5y6WZ1t9+IXnatRs2aEyjMxq8/wx
5H2b6wVxZoIkfm0Lb/zsQS2fTm5nDud87RXQJfth5KOGm6XMBPl1h+DCI0iKUUVP
dKOA0FmgwjASDn9Yzg0Ofe9p4w+1aA6yD1q8M179Twrt3R7kSv0r+eVtBGM32HzA
2+WWDb2aMZgp+sU0k8bhsqRvM2/Kx1nniqFWepjEz5dx5hNsy78DfvTiqwIf3bDN
pWZMP96U+8y0LpN6EwBMX0XaLXiIj/O4QCssMJmubvj0XIwohviGLw93DVwaVscP
4pkKsZCnYX2zkxsiSvM5l7h6aQlHBLbCey1zKgaZxF5OF/RoFFAx1472HEO3piSi
Rd7OYAdffAYsq7WZM59+mq7o5y/gu2XpmuIv7bE/ySSWRQ3DjEitS1VhcYaMcA1r
n7y+DRDAylt8hX5RNIP2Gg6kxgW3N5fiCYpbPsctCSEZrN9Wn6uDmaI2Jervk0N0
Pk+0Yx42cq8xG/uSIdEPEs3wKxTML7zDxD/V6yB4q6SEIa76tB82pfpPx7sIJXGg
Z8ZZonPV2yqVcCN3PqZjuomI0frVRZfTPODiKLz3G69vDzlTyXo=
=r5de
-----END PGP SIGNATURE-----
News for package python-bleach
