-
tidy-html5 (2:5.6.0-11ubuntu0.22.04.1) jammy-security; urgency=medium
* SECURITY UPDATE: arbitrary code exec via recursive parsing
- debian/patches/CVE-2021-33391-pre1.patch: introduce stack functions
in src/lexer.c, src/lexer.h.
- debian/patches/CVE-2021-33391.patch: refactor the recursion into a
loop with a heap-based stack in src/gdoc.c.
- CVE-2021-33391
-- Marc Deslauriers <email address hidden> Fri, 10 Nov 2023 10:57:54 +0200
-
tidy-html5 (2:5.6.0-11build2) jammy; urgency=high
* No change rebuild for ppc64el baseline bump.
-- Julian Andres Klode <email address hidden> Fri, 25 Mar 2022 10:58:54 +0100
-
tidy-html5 (2:5.6.0-11build1) impish; urgency=medium
* No-change rebuild to build packages with zstd compression.
-- Matthias Klose <email address hidden> Thu, 07 Oct 2021 12:25:38 +0200