diff options
author | Stefan Behnel <stefan_ml@behnel.de> | 2021-12-11 12:19:44 +0100 |
---|---|---|
committer | Stefan Behnel <stefan_ml@behnel.de> | 2021-12-11 12:19:44 +0100 |
commit | b7ea6871bd751b588868cf85b7784211f2c12fe7 (patch) | |
tree | 5f14521bae6e75028df8fc2f5708686aeaf8fe03 | |
parent | 69a747356655158fdf9abaecea5feafb3bd6b5f5 (diff) | |
download | python-lxml-b7ea6871bd751b588868cf85b7784211f2c12fe7.tar.gz |
Update changelog.
-rw-r--r-- | CHANGES.txt | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/CHANGES.txt b/CHANGES.txt index a5fae648..8314e6e9 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -2,6 +2,19 @@ lxml changelog ============== +4.6.5 (2021-12-??) +================== + +Bugs fixed +---------- + +* A vulnerability (GHSL-2021-1038) in the HTML cleaner allowed sneaking script + content through SVG images. + +* A vulnerability (GHSL-2021-1037) in the HTML cleaner allowed sneaking script + content through CSS imports and other crafted constructs. + + 4.6.4 (2021-11-01) ================== |