Source: ruby-loofah Version: 2.0.3-2 Severity: important Tags: patch security upstream Forwarded: https://github.com/flavorjones/loofah/issues/144
Hi, the following vulnerability was published for ruby-loofah. CVE-2018-8048[0]: XSS vulnerability The issue is actually raised by an underlying issue in libxml2, but the CVE is specifically assigned for the loofah fix. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-8048 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8048 [1] https://github.com/flavorjones/loofah/issues/144 [2] https://github.com/flavorjones/loofah/commit/4a08c25a603654f2fc505a7d2bf0c35a39870ad7 Regards, Salvatore _______________________________________________ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
