Updated python-mistune packages fix security vulnerabilitiesPublication date: 07 Jan 2018
Affected Mageia releases : 6
CVE: CVE-2017-15612 , CVE-2017-16876
mistune.py in Mistune 0.7.4 allows XSS via an unexpected newline (such as in java\nscript:) or a crafted email address, related to the escape and autolink functions (CVE-2017-15612). A cross-site-scripting vulnerability was found in python-mistune (CVE-2017-16876).