Bug#774748: patch

2015-02-21 Thread Antonio Terceiro
Hello Cédric, On Tue, Feb 10, 2015 at 03:16:12PM +0100, Cédric Barboiron wrote: >def image(opts) > opts.delete(:align) > opts[:alt] = opts[:title] > -img = " alt=\"#{escape_attribute opts[:alt].to_s}\" />" > -img = "#{img}" if > opts[:href] > +src = escape_uri(escape_a

Bug#774748: patch

2015-02-10 Thread Cédric Barboiron
Hi, I've tried to write a patch for the very specific issue in this CVE. The regex used is derived from the one used in redmine (https://github.com/redmine/redmine/blob/master/lib/redcloth3.rb#L818). Package built with this patch (in pbuilder) and successfully tested against the PoC in http://co3k