Debian Package Tracker - ruby-sanitize

A new upstream version is available: 5.0.0 high

A new upstream version 5.0.0 is available, you should consider packaging it.

Created: 2018-10-18 Last update: 2018-12-16 15:08

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2018-3740: A specially crafted HTML fragment can cause Sanitize gem for Ruby to allow non-whitelisted attributes to be used on a whitelisted HTML element.

Please fix it.

Created: 2018-03-20 Last update: 2018-08-25 06:15

1 security issue in stretch high

There is 1 open security issue in stretch.

1 important issue:

CVE-2018-3740: A specially crafted HTML fragment can cause Sanitize gem for Ruby to allow non-whitelisted attributes to be used on a whitelisted HTML element.

Please fix it.

Created: 2018-03-20 Last update: 2018-08-25 06:15

1 security issue in buster high

There is 1 open security issue in buster.

1 important issue:

CVE-2018-3740: A specially crafted HTML fragment can cause Sanitize gem for Ruby to allow non-whitelisted attributes to be used on a whitelisted HTML element.

Please fix it.

Created: 2018-08-25 Last update: 2018-08-25 06:15

1 ignored security issue in jessie low

There is 1 open security issue in jessie.

1 issue skipped by the security teams:

CVE-2018-3740: A specially crafted HTML fragment can cause Sanitize gem for Ruby to allow non-whitelisted attributes to be used on a whitelisted HTML element.

Please fix it.

Created: 2018-03-20 Last update: 2018-08-25 06:15

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.2.1 instead of 4.2.0).

Created: 2018-08-26 Last update: 2018-08-26 08:17