Accepted libhtmlcleaner-java 2.26-1+deb12u1 (source) into proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted libhtmlcleaner-java 2.26-1+deb12u1 (source) into proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Sat, 12 Aug 2023 11:02:13 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: libhtmlcleaner-java_2.26-1+deb12u1_source.changes
- Debian-source: libhtmlcleaner-java
- Debian-suite: proposed-updates
- Debian-version: 2.26-1+deb12u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=0aBa68/IVdEp5zxwGgFo2IK4GNcPgzS5rC8iEzAFCoQ=; b=cgZfsDGVW336OWmTta99oka2kD NVNkSLiwO+h7fDlL5XKpXIftjS6isLEk5cPdJ9RzQz0V9kKg5A4d/YnfklDdJnVR5iU/gwfLBgkvV itmSsIceG57smulEvR7yBNFqWqkTbkPFmVjZoJ8d6UUl5Kp84YEUuF+QAH+Fw4tmczEwA/7tZ4f67 jGdx53nANZrp5gXywzKMe914mKAmdpUz8sBpK1RiLKn9F1YxsxnE4KagAt8V73MxIX0HwDmnrQBSt Gpb/gtB1qquSOuVTk4XYGMXufXBG0A/lZmPD3MClR978OTsaKKI57keZGDIePi1B3NaaAt3PdyTOT yzPxu79Q==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1qUmNp-00CyNg-9F@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 7 Aug 2023 18:17:55 CEST
Source: libhtmlcleaner-java
Architecture: source
Version: 2.26-1+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Alexandre Rossi <alexandre.rossi@gmail.com>
Changed-By: Markus Koschany <apo@debian.org>
Checksums-Sha1:
76ae5ba9f0674e4d00b3909edfaf88cb5a04f598 2396 libhtmlcleaner-java_2.26-1+deb12u1.dsc
d6f9d95cb52760deba3768ecb76aa737341da7a8 205040 libhtmlcleaner-java_2.26.orig.tar.xz
c1b302f8a4e34feab5fbd4076d176e1f8fda2977 9596 libhtmlcleaner-java_2.26-1+deb12u1.debian.tar.xz
035654677e8f1353a12c7b21128d0265841bd694 15381 libhtmlcleaner-java_2.26-1+deb12u1_amd64.buildinfo
Checksums-Sha256:
c82899da2bf59c41b47355d70817bd615447ec94551270fd90f4c1b210f71cc9 2396 libhtmlcleaner-java_2.26-1+deb12u1.dsc
97911a4fba03c64e13ae4d38a7b2f56c73075c1c38e418bfca1b520d8821be6c 205040 libhtmlcleaner-java_2.26.orig.tar.xz
a89cd6cc7cabf43f93fb0c58c919515ebd7917910a2761ef6fcf5bae4a464651 9596 libhtmlcleaner-java_2.26-1+deb12u1.debian.tar.xz
578cfbc2dcf8371bd8c34496eb7680792bf5088fd6fc005d9f78594a7d96abb2 15381 libhtmlcleaner-java_2.26-1+deb12u1_amd64.buildinfo
Changes:
libhtmlcleaner-java (2.26-1+deb12u1) bookworm-security; urgency=high
.
* Non-maintainer upload.
* Fix CVE-2023-34624:
A security vulnerability has been discovered in libhtmlcleaner-java, a Java
HTML parser library. An attacker was able to cause a denial of service
(StackOverflowError) if the parser runs on user supplied input with deeply
nested HTML elements. This update introduces a new nesting depth limit
which can be overridden in cleaner properties.
Files:
b2b2183edc04c37b0b67ca76d0104d84 2396 java optional libhtmlcleaner-java_2.26-1+deb12u1.dsc
401c68be313ef81ce19b986cdc3f4d37 205040 java optional libhtmlcleaner-java_2.26.orig.tar.xz
0614b4cad74ad5973cf58d06e394a154 9596 java optional libhtmlcleaner-java_2.26-1+deb12u1.debian.tar.xz
1c83405453b84b32e4a05cd56d3580c7 15381 java optional libhtmlcleaner-java_2.26-1+deb12u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmTRGXVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hkz/cQAKlHYoTz12XNel9nCkHLIgZ5PhrpFdDCR83k
d9id/gQiaFuNcgcfGE1DAUceYc7ioKZ3Kesiif6pJ1yd9hL4e0za6401XuTZ4eWd
XOb2QAgKe6f9zrSjcVRZy3Wi/CFVGUvFFZlwuydR8afsxTlJ0EcZXdA4gqKKxPB5
M6zzf/0b2THeWF+wvOxiErFMf2TpBCwyIeG1kPqe6FmfX+uI+iZjuVhuFkIe4XnS
FZQ38ec+yMJbT/lqgRbF4b9YrrFEQbiSS4mVsovdoXZ4EGMp9JkUMnDAFn8GVOsS
UwA8Dp+MuY3eNw+DSQ4F7V79maBGoPOu+B8xkWNjPFbujadID8Y2ZDfc3RnXIVgM
sUXu8DE2+OzkYM5i63A2zJZMJn4k9ENTnMdlf4ehsHUaHbArwWUz5zvdUdDJ4sGE
Zrq0r7HIEhgtxq5y78S3Dw5gybliKuztYACRXBUW29iOBYl4VjIEQuob7sUjPiTO
0fa31kD44y8I+yKyszMSpc2BBGldmZtxhplMxwZrzl/GROrm6y6uzTzpNN9S94nX
9Giquk+nvJtoNdXZSIgvaT67+bjQxg3CKnQUw0ERqtDDNiRCrW3OhbxDbvuHojP2
rK9j06COBBlYK2Pbs0tsF7OWiriJdKiy38cEpMq0kx/ZcPjJn5hzXjMPJ3G3Gt56
9tQUeAQ/
=pNzZ
-----END PGP SIGNATURE-----