- Committer: Package Import Robot
- Date: 2015-04-06 16:53:54 UTC
- Revision ID: package-import@ubuntu.com-20150406165354-sme6dft73f81n9r9
* Non-maintainer upload.
* Add patch fixing several security issues:
- (bug T85848, bug T71210) SECURITY: Don't parse XMP blocks that
contain XML entities, to prevent various DoS attacks.
- (bug T88310) SECURITY: Always expand xml entities when checking
SVG's.
- (bug T73394) SECURITY: Escape > in Html::expandAttributes to
prevent XSS.
- (bug T85855) SECURITY: Don't execute another user's CSS or JS
on preview.
- (bug T85349, bug T85850, bug T86711) SECURITY: Multiple issues
fixed in SVG filtering to prevent XSS and protect viewer's
privacy.
* Add patch fixing several security issues:
- (bug T85848, bug T71210) SECURITY: Don't parse XMP blocks that
contain XML entities, to prevent various DoS attacks.
- (bug T88310) SECURITY: Always expand xml entities when checking
SVG's.
- (bug T73394) SECURITY: Escape > in Html::expandAttributes to
prevent XSS.
- (bug T85855) SECURITY: Don't execute another user's CSS or JS
on preview.
- (bug T85349, bug T85850, bug T86711) SECURITY: Multiple issues
fixed in SVG filtering to prevent XSS and protect viewer's
privacy.
| Filename | Latest Rev | Last Changed | Committer | Comment | Size | ||
|---|---|---|---|---|---|---|---|
 ..
|
|||||||
.htaccess |
1.1.18 | 12 years ago | Package Import Robot | Import upstream version 1.18.1 | 14 bytes |
|
|