[Bug 2060811] [NEW] FFe updating lxml to the 5.2.1 release

Wed, 10 Apr 2024 06:13:32 -0700 

Public bug reported:

updating lxml to the 5.2.1 release allows us to gid rid off the lxml-
html-clean module into a separate package lxmö-html-clean (already in
noble), and demote it to universe  This module is responsible for almost
all CVEs in lxml in the past years.

Changes in 5.2.1 compared to 5.1.0:

5.2.1 (2024-04-02)
==================

Bugs fixed
----------

* LP#2059910: The minimum CPU architecture for the Linux x86 binary wheels was 
set back to
  "core2", but with SSE 4.2 enabled.

* LP#2059977: ``Element.iterfind("//absolute_path")`` failed with a 
``SyntaxError``
  where it should have issued a warning.

* GH#416: The documentation build was using the non-standard ``which`` command.
  Patch by Michał Górny.


5.2.0 (2024-03-30)
==================

Other changes
-------------

* LP#1958539: The ``lxml.html.clean`` implementation suffered from several 
(only if used)
  security issues in the past and was now extracted into a separate library:

  https://github.com/fedora-python/lxml_html_clean

  Projects that use lxml without "lxml.html.clean" will not notice any 
difference,
  except that they won't have potentially vulnerable code installed.
  The module is available as an "extra" setuptools dependency 
"lxml[html_clean]",
  so that Projects that need "lxml.html.clean" will need to switch their 
requirements
  from "lxml" to "lxml[html_clean]", or install the new library themselves.

* The minimum CPU architecture for the Linux x86 binary wheels was upgraded to
  "sandybridge" (launched 2011), and glibc 2.28 / gcc 12 (manylinux_2_28) 
wheels were added.

* Built with Cython 3.0.10.

** Affects: lxml (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2060811

Title:
  FFe updating lxml to the 5.2.1 release

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxml/+bug/2060811/+subscriptions


-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to