Mirror of git.openembedded.org/meta-openembedded https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=honister 2022-04-07T23:42:55+00:00 2022-04-07T23:42:55+00:00 Trevor Gamblin trevor.gamblin@windriver.com 2022-03-29T13:43:48+00:00 urn:sha1:1d0d23978a7602fe7483c0f449324c95c6cd1611 Release notes (https://github.com/lxml/lxml/blob/master/CHANGES.txt): 4.6.5 (2021-12-12) ================== Bugs fixed ---------- * A vulnerability (GHSL-2021-1038) in the HTML cleaner allowed sneaking script content through SVG images (CVE-2021-43818). * A vulnerability (GHSL-2021-1037) in the HTML cleaner allowed sneaking script content through CSS imports and other crafted constructs (CVE-2021-43818). 4.6.4 (2021-11-01) ================== Features added -------------- * GH#317: A new property ``system_url`` was added to DTD entities. Patch by Thirdegree. * GH#314: The ``STATIC_*`` variables in ``setup.py`` can now be passed via env vars. Patch by Isaac Jurado. Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>