—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA512
– ————————————————————————- Debian Security Advisory DSA-4364-1 security@debian.org www.debian.org/security/ Moritz Muehlenhoff January 08, 2019 www.debian.org/security/faq – ————————————————————————-
Package : ruby-loofah CVE ID : CVE-2018-16468
It was discovered that ruby-loofah, a general library for manipulating and transforming HTML/XML documents and fragments, performed insufficient sanitising of SVG elements.
For the stable distribution (stretch), this problem has been fixed in version 2.0.3-2+deb9u2.
We recommend that you upgrade your ruby-loofah packages.
For the detailed security status of ruby-loofah please refer to its security tracker page at: security-tracker.debian.org/tracker/ruby-loofah
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org —–BEGIN PGP SIGNATURE—–
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlw1J6kACgkQEMKTtsN8 TjY6uw/+IHf2a1EYlzBN1F+uRLu8F4qcQOwN/RqDu4phaYj4IloTMhilmsZK2NU7 ZkBo7mcIcEjXtNbvgN9i+c4NuF/FznBL5pjajT92GXOhWakM8czmID3IreI0yGBU S7KaIs5ce+gq1rEcoXrWmjrGkp6Kg3RwW6RHesoJLrfpixGo+jMQ3Jf2MLsPJzfg JRSgSigIyg1HOenAuH9TIsQhTDctcGB9x0orNWJmXYZ7AP2PArD/SykHYFQxJ4W1 y6cc8AAF9LB9TXlSIESyMWpOT411Qi8vTsH01rDypPtnhtoen12cG/lZCXTiCEjQ hGeUvdWVH2N1FBd/FpGUqO+qO1JjfjE1B+lzYRQuCxbgr/QO2W7Lf4K5ewC8mNqs VPyESUA+Ysu9pnNRAccJNPaUmrbK0cZLCTacfjshJHdfnATijhX1Sq4rGXHwTqFO PveNHaGhtMJbevNqPWLh+5AnwOIUO6mrFHVKyN9RMbYYVYcG5I1T1c34Lg5XvCN/ mPG1+qd7tm1BABHrLzJsWG3It2HqqpP/MraocBdJz6H1c2Sr4a3Bv8LKlfx4jAuF VfbOCQ/xErB2CXLcrVmjz0LC8dTvikKJxLfwhZDsaU8FYdcpqcW7tYouSLtIGxYI gIIjGE/1a8m3McbR6TMYpYGcZSFi9pejwpZsL9P1JLFgb41wwvQ= =raPr —–END PGP SIGNATURE—–

Get a domain name here from 4.99