Updated python-html5lib packages fix security vulnerability
Publication date: 03 Jan 2017Modification date: 03 Jan 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-9909 , CVE-2016-9910
Description
Fixes a potential cross-site scripting vulnerablity: quote attributes
that need escaping in legacy browsers. (CVE-2016-9909, CVE-2016-9910)
References
- https://bugs.mageia.org/show_bug.cgi?id=19912
- http://www.openwall.com/lists/oss-security/2016/12/08/8
- https://github.com/html5lib/html5lib-python/issues/11
- https://github.com/html5lib/html5lib-python/issues/12
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9909
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9910
SRPMS
5/core
- python-html5lib-1.0b3-7.1.mga5