-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ----------------------------------------------------------------------- Debian LTS Advisory DLA-3227-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta December 07, 2022 https://wiki.debian.org/LTS - -----------------------------------------------------------------------
Package : ruby-rails-html-sanitizer Version : 1.0.4-1+deb10u1 CVE ID : CVE-2022-32209 Debian Bug : 1013806 A potential cross-site scripting (XSS) vulnerability was discovered in ruby-rails-html-sanitizer, a library to clean (or "sanitize") HTML for rendering within Ruby on Rails web applications. For Debian 10 buster, this problem has been fixed in version 1.0.4-1+deb10u1. We recommend that you upgrade your ruby-rails-html-sanitizer packages. For the detailed security status of ruby-rails-html-sanitizer please refer to its security tracker page at: https://security-tracker.debian.org/tracker/ruby-rails-html-sanitizer Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmOPkZUACgkQgj6WdgbD S5bCXxAArVopry5Kz8ymcFkCkYGIyYM/dQ9Ny6KXNfvCWaMEhCU8pLFhVAb0qzFu UinS2B9wKwMGgstXlPH2s4so5Ex6mawxc63t7dyFFCeE/TjHlsYMlyVDt3WcWrJK rvqMlYrdwsWEqP/1iLRebmB/YnOQnTuQkyIvNWtyq7K2hDo/XcL24bh7nYfLHmf7 qDlL33Ful6qJtG7035PC79tU+55CWOX0DxU46RKwKqPGgzVUwNhVY9WXbAh79b9m AD70PaSE92vG1niQFQ6Jj6st+JzWRO14/jKEdC/hhCJoxmOSARl7kKJMuiBa5GPf pocKRLXUTCoh+rt0JfKLyhthj5YNsSwmyIulXYv0SRhnIVfjK2mFg6QIeN/Nogvk jTy8vpScjr3VS3//BW9nxNLFCqX+7MbgTPzqXE2cpURmFygquGSWGP4cAaFKKT7f 3o6q2VOS4Jk9XvLTjKbEbRAXP8WluZjLcTlEwJlZWdNqq1lAx1/3X2a3uJIgcfOV sPNCBvd7eZLYJJruSSiDmuJEOZKV439RO5v1SvaVL+Z1P7z0W+TwSuprckiLVnWa Kwe6ItNShD2WrLhCLH6LJFMjwT+5uej+krLHaAvkVgDQAWepB2idrRhodwyxC8qQ TMgiO4r6t6OniFfLxdQwpSbizYEBiMXVOEpynq16DZePiyqqJcM= =gM7j -----END PGP SIGNATURE-----
