Package Release Info

python-bleach-2.1.3-bp150.2.4

Update Info: Base Release
Available in Package Hub : 15

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

python2-bleach
python3-bleach

Change Logs

Version: 2.1.3-bp150.2.3
* Tue Mar 20 2018 kbabioch@suse.com
- Update to version 2.1.3:
  * Attributes that have URI values weren't properly sanitized if the
    values contained character entities. Using character entities, it
    was possible to construct a URI value with a scheme that was not
    allowed that would slide through unsanitized.
    (CVE-2018-7753 bnc#1085969)
* Thu Dec 07 2017 arun@gmx.de
- specfile:
  * update copyright year
- update to version 2.1.2:
  * Bug fixes
    + Support html5lib-python 1.0.1. (#337)
    + Add deprecation warning for supporting html5lib-python < 1.0.
    + Switch to semver.
* Sat Nov 11 2017 arun@gmx.de
- specfile:
  * update copyright year
- update to version 2.1.1:
  * Bug fixes
    + Fix setup.py opening files when LANG=. (#324)
- changes from version 2.1:
  * Security fixes
    + Convert control characters (backspace particularly) to “?”
    preventing malicious copy-and-paste situations. (#298)
    See https://github.com/mozilla/bleach/issues/298 for more details.
    This affects all previous versions of Bleach. Check the comments
    on that issue for ways to alleviate the issue if you can’t
    upgrade to Bleach 2.1.
  * Backwards incompatible changes
    + Redid versioning. bleach.VERSION is no longer available. Use the
    string version at bleach.__version__ and parse it with
    pkg_resources.parse_version. (#307)
    + clean, linkify: linkify and clean should only accept text types;
    thank you, Janusz! (#292)
    + clean, linkify: accept only unicode or utf-8-encoded str (#176)
  * Bug fixes
    + bleach.clean() no longer unescapes entities including ones that
    are missing a ; at the end which can happen in urls and other
    places. (#143)
    + linkify: fix http links inside of mailto links; thank you,
    sedrubal! (#300)
    + clarify security policy in docs (#303)
    + fix dependency specification for html5lib 1.0b8, 1.0b9, and
    1.0b10; thank you, Zoltán! (#268)
    + add Bleach vs. html5lib comparison to README; thank you, Stu
    Cox! (#278)
    + fix KeyError exceptions on tags without href attr; thank you,
    Alex Defsen! (#273)
    + add test website and scripts to test bleach.clean() output in
    browser; thank you, Greg Guthe!
* Wed Apr 12 2017 toddrme2178@gmail.com
- Fix source URL.
* Thu Apr 06 2017 toddrme2178@gmail.com
- Update to Version 2.0.0
  + Backwards incompatible changes
  * Removed support for Python 2.6. #206
  * Removed support for Python 3.2. #224
  * Bleach no longer supports html5lib < 0.99999999 (8 9s).
  * ``bleach.clean`` and friends were rewrittenped.
  * ``bleach.clean`` and friends attribute callables now take three arguments:
    tag, attribute name and attribute value. Previously they only took attribute
    name and attribute value.
  * ``bleach.linkify`` was rewritten
  * ``bleach.linkify`` and friends had a ``skip_pre`` argument--that's been
    replaced with a more general ``skip_tags`` argument.
  + Changes
  * Supports Python 3.6.
  * Supports html5lib >= 0.99999999 (8 9s).
  * There's a ``bleach.sanitizer.Cleaner`` class that you can instantiate with your
    favorite clean settings for easy reuse.
  * There's a ``bleach.linkifier.Linker`` class that you can instantiate with your
    favorite linkify settings for easy reuse.
  * There's a ``bleach.linkifier.LinkifyFilter`` which is an htm5lib filter that
    you can pass as a filter to ``bleach.sanitizer.Cleaner`` allowing you to clean
    and linkify in one pass.
  * ``bleach.clean`` and friends can now take a callable as an attributes arg value.
  * Tons of bug fixes.
  * Cleaned up tests.
  * Documentation fixes.
- Update to Version 1.5
  + Backwards incompatible changes
  * clean: The list of ``ALLOWED_PROTOCOLS`` now defaults to http, https and
    mailto.
  + Changes
  * clean: Added ``protocols`` to arguments list to let you override the list of
    allowed protocols. Thank you, Andreas Malecki! #149
  * linkify: Fix a bug involving periods at the end of an email address. Thank you,
    Lorenz Schori! #219
  * linkify: Fix linkification of non-ascii ports. Thank you Alexandre, Macabies!
    [#207]
  * linkify: Fix linkify inappropriately removing node tails when dropping nodes.
    [#132]
  * Fixed a test that failed periodically. #161
  * Switched from nose to py.test. #204
  * Add test matrix for all supported Python and html5lib versions. #230
  * Limit to html5lib ``>=0.999,!=0.9999,!=0.99999,<0.99999999`` because 0.9999
    and 0.99999 are busted.
  * Add support for ``python setup.py test``. #97
- Update to Version 1.4.3 (May 23rd, 2016)
  + Changes
  * Limit to html5lib ``>=0.999,<0.99999999`` because of impending change to
    sanitizer api. #195
- Update to Version 1.4.2
  + Changes
  * linkify: Fix hang in linkify with ``parse_email=True``. #124
  * linkify: Fix crash in linkify when removing a link that is a first-child. #136
  * Updated TLDs.
  * linkify: Don't remove exterior brackets when linkifying. #146
- Implemenet single-spec version
* Thu Sep 03 2015 toddrme2178@gmail.com
- Fix build on SLE 11
* Fri Aug 07 2015 hpj@urpla.net
- eabled checks again: don't know, why they failed in the first place
* Thu Jul 30 2015 hpj@urpla.net
- disabled checks: developer unresponsive
* Wed Jun 17 2015 hpj@urpla.net
- updated to version 1.4.1
* Mon May 26 2014 hpj@urpla.net
- version 1.4: initial build