-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 03 Sep 2022 01:03:14 +0200 Source: jsoup Architecture: source Version: 1.15.3-1 Distribution: unstable Urgency: high Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> Changed-By: Markus Koschany <apo@debian.org> Closes: 1018931 Changes: jsoup (1.15.3-1) unstable; urgency=high . * Team upload. * New upstream version 1.15.3. - Fix CVE-2022-36033: Jsoup may incorrectly sanitize HTML including Javascript which could allow XSS attacks. (Closes: #1018931) Thanks to Salvatore Bonaccorso for the report. Checksums-Sha1: 95e1061f474df848fedd691078142c25ffd4db56 2361 jsoup_1.15.3-1.dsc aca928522acdac30598ef756317eed47758566c0 465348 jsoup_1.15.3.orig.tar.xz a951d9c0b2e3df307eace80a1db87cd3c4f15398 5356 jsoup_1.15.3-1.debian.tar.xz e9998d49d20153e81f453a0615eb77413cec3259 14311 jsoup_1.15.3-1_amd64.buildinfo Checksums-Sha256: eb6b2a176fe9df0553c580e33e798cfa8e4664b8fd855881bd719682f08c742f 2361 jsoup_1.15.3-1.dsc 052511f0be47511f9b2a17d44fc1eccc4b5373e77cc5a3221e34b6af437e1e2e 465348 jsoup_1.15.3.orig.tar.xz 2cbf6226cc80f0160981f097b0a8d45d87ef4a15a028abf4cf10e695df9a0984 5356 jsoup_1.15.3-1.debian.tar.xz b3aff9779a82732cf7eff09e72fa4f210b71a1806937d3892c4a4a850f6a8e50 14311 jsoup_1.15.3-1_amd64.buildinfo Files: 75ebc2a2868879ef09be76ab97133623 2361 java optional jsoup_1.15.3-1.dsc a4a75fc1e76f0994698a5303403f0bdf 465348 java optional jsoup_1.15.3.orig.tar.xz 1b27a05ce12357e4bc26a57803b40e60 5356 java optional jsoup_1.15.3-1.debian.tar.xz a835bd0d3e26ea4e877113a36d45cf85 14311 java optional jsoup_1.15.3-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmMSjL5fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HksdoP/1CtjGNqGi+BdRi/Ea6pK9oApqi3bhIZZWx3 9OlVCbN6JZxuL3C1I64Ggj272PBtJsRFukJZiXGoxn0CNKZ7zIBQweiv0wRZbxTV Fox5dRmSybQ+EduXAJz7qt0py/7hgq6r6odYq6MH2r43NbCRdc0utclcTnXZV1Xy 3JzGRJy30i4yiuWIgeT5eZWyKcKD+zbP0yiNsBx24dWRmHuckwlZnLQGbLL5SSIn 8WiLLorGsQp/twWEE1h2p8ZBPHrzzA+MAV3d3ztseJlr8N1rYRXNtEiKxceAJT/j +WotCkzM2o4MFA9Iy3bbdMen6/o6M8yM8st11lfqcSiocOtSXkCziqQdVilNATF4 +svaQzMuuYkRJnKC2fIYnZlKRNEFZEPa5NbxD3zLfhtwv7xZGqx/usvNAy4CZEgU rpTpYPFbPnp+6IRGV5Dp3828etGlPEv1OhH97caOYu6GoKSf2z30sl2h/0kpx7+E arkTE9ON5l3v3Q+Gi0iX0+9Uj65Q8FsdJeyuqKOD3WMqChH3JD2rsD5S4fly7LB3 e2iRNLx2FQm33MEFCXqIzFpM3dVoRtgAAfXv7qFzzZ+P0CENX5ZNxkwYYfn+ZjLF smPATYixOaaYheLhW1HyRwS5VdUZdnKCj67XUqsoZ3+xw1nQqxHpyRuIzHSWjJvI tbqKfQgT =2XHV -----END PGP SIGNATURE-----