Mirror of git.openembedded.org/meta-openembedded https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=scarthgap 2021-01-20T17:30:28+00:00 2021-01-20T17:30:28+00:00 Leon Anavi leon.anavi@konsulko.com 2021-01-19T17:37:42+00:00 urn:sha1:826495b4cb0cfde9a4fec9b367f31609bc741a43 Upgrade to release 4.6.2: - A vulnerability (CVE-2020-27783) was discovered in the HTML Cleaner by Yaniv Nizry, which allowed JavaScript to pass through. The cleaner now removes more sneaky "style" content. Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> 2020-10-28T17:22:05+00:00 Leon Anavi leon.anavi@konsulko.com 2020-10-22T14:17:49+00:00 urn:sha1:4a86d0784da38ac7bc56dd60d155c60183d35561 Upgrade to release 4.6.1: - lxml.html.InputGetter supports __len__() to count the number of input fields. - lxml.html.InputGetter has a new .items() method to ease processing all input fields. - lxml.html.InputGetter.keys() now returns the field names in document order. - GH-309: The API documentation is now generated using sphinx-apidoc. - C14N 2.0 serialisation failed for unprefixed attributes when a default namespace was defined. - TreeBuilder.close() raised AssertionError in some error cases where it should have raised XMLSyntaxError. It now raises a combined exception to keep up backwards compatibility, while switching to XMLSyntaxError as an interface. - A vulnerability was discovered in the HTML Cleaner by Yaniv Nizry, which allowed JavaScript to pass through. The cleaner now removes more sneaky "style" content. Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>