Ubuntu
lxml package

Change log for lxml package in Ubuntu

150 of 130 results FirstPreviousLast
Published in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic) 
lxml (4.9.3-1) unstable; urgency=medium

  * New upstream version.

 -- Matthias Klose <email address hidden>  Fri, 07 Jul 2023 09:05:01 +0200
Superseded in mantic-release
Published in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
lxml (4.9.2-1build1) lunar; urgency=medium

  * Rebuild to drop Python 3.10 extension

 -- Jeremy Bicha <email address hidden>  Wed, 01 Mar 2023 17:59:55 -0500
Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
lxml (4.9.2-1) unstable; urgency=medium

  * New upstream version.
  * Bump standards version.

 -- Matthias Klose <email address hidden>  Mon, 26 Dec 2022 11:50:51 +0100
Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
lxml (4.9.1-1build1) lunar; urgency=medium

  * No-change rebuild with Python 3.11 as supported

 -- Graham Inggs <email address hidden>  Thu, 03 Nov 2022 06:29:07 +0000
Superseded in lunar-release
Published in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
lxml (4.9.1-1) unstable; urgency=medium

  * New upstream version.

 -- Matthias Klose <email address hidden>  Sun, 17 Jul 2022 13:51:24 +0200
Superseded in kinetic-release
Published in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
lxml (4.8.0-1build1) jammy; urgency=medium

  * No-change rebuild with Python 3.10 only

 -- Graham Inggs <email address hidden>  Wed, 16 Mar 2022 23:49:55 +0000
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
lxml (4.8.0-1) unstable; urgency=medium

  * New upstream version.

 -- Matthias Klose <email address hidden>  Tue, 22 Feb 2022 20:12:34 +0100

Available diffs

Obsolete in impish-updates
Obsolete in impish-security 
lxml (4.6.3+dfsg-0.1ubuntu0.2) impish-security; urgency=medium

  * SECURITY UPDATE: XSS vulnerability
    - debian/patches/CVE-2021-43818-*.patch: prevent "@import"
      from re-occurring in the CSS after replacements and remove
      SVG image data URLs since they can embed script content in
      src/lxml/html/clean.py, src/html/tests/test_clean.py.
    - CVE-2021-43818

 -- Leonidas Da Silva Barbosa <email address hidden>  Tue, 04 Jan 2022 09:53:09 -0300
Published in focal-updates
Published in focal-security 
lxml (4.5.0-1ubuntu0.5) focal-security; urgency=medium

  * SECURITY UPDATE: XSS vulnerability
    - debian/patches/CVE-2021-43818-*.patch: prevent "@import"
      from re-occurring in the CSS after replacements and remove
      SVG image data URLs since they can embed script content in
      src/lxml/html/clean.py, src/html/tests/test_clean.py.
    - CVE-2021-43818

 -- Leonidas Da Silva Barbosa <email address hidden>  Tue, 04 Jan 2022 09:33:10 -0300
Obsolete in hirsute-updates
Obsolete in hirsute-security 
lxml (4.6.3-1ubuntu0.2) hirsute-security; urgency=medium

  * SECURITY UPDATE: XSS vulnerability
    - debian/patches/CVE-2021-43818-*.patch: prevent "@import"
      from re-occurring in the CSS after replacements and remove
      SVG image data URLs since they can embed script content in
      src/lxml/html/clean.py, src/html/tests/test_clean.py.
    - CVE-2021-43818

 -- Leonidas Da Silva Barbosa <email address hidden>  Tue, 04 Jan 2022 09:22:22 -0300
Published in bionic-updates
Published in bionic-security 
lxml (4.2.1-1ubuntu0.6) bionic-security; urgency=medium

  * SECURITY UPDATE: XSS vulnerability
    - debian/patches/CVE-2021-43818-*.patch: prevent "@import"
      from re-occurring in the CSS after replacements and remove
      SVG image data URLs since they can embed script content in
      src/lxml/html/clean.py, src/html/tests/test_clean.py.
    - CVE-2021-43818

 -- Leonidas Da Silva Barbosa <email address hidden>  Tue, 04 Jan 2022 10:51:53 -0300
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
lxml (4.7.1-1) unstable; urgency=medium

  * New upstream version.

 -- Matthias Klose <email address hidden>  Mon, 10 Jan 2022 10:26:46 +0100
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
lxml (4.6.4-1ubuntu1) jammy; urgency=medium

  * SECURITY UPDATE: XSS vulnerability
    - debian/patches/CVE-2021-43818-*.patch: prevent "@import"
      from re-occurring in the CSS after replacements and remove
      SVG image data URLs since they can embed script content in
      src/lxml/html/clean.py, src/html/tests/test_clean.py.
    - CVE-2021-43818

 -- Leonidas Da Silva Barbosa <email address hidden>  Tue, 04 Jan 2022 09:12:00 -0300
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
lxml (4.6.4-1) unstable; urgency=medium

  * New upstream version.

 -- Matthias Klose <email address hidden>  Wed, 17 Nov 2021 18:17:40 +0100
Superseded in jammy-proposed 
lxml (4.6.3+dfsg-0.1build1) jammy; urgency=medium

  * No-change rebuild to add python3.10.

 -- Matthias Klose <email address hidden>  Sat, 16 Oct 2021 21:58:53 +0200
Superseded in jammy-proposed 
lxml (4.6.3+dfsg-1) unstable; urgency=medium

  * Stop building the python3-lxml-dbg package. Closes: #994308.
  * Only build documentation for the default Python version; build documentation
    for the currently built version of lxml (Sebastian Ramacher).
    Closes: #990865.
  * Do not embed timestamps in html documentation (Vagrant Cascadian).
    Closes: #990952.
  * Don't embed the build path in the documentation (Vagrant Cascadian).
    Closes: #990969.
  * Set LC_ALL and LANG to C.UTF-8 to avoid reproducibility issues when
    generating html. (Vagrant Cascadian). Closes: #990969.

 -- Matthias Klose <email address hidden>  Wed, 15 Sep 2021 12:46:13 +0200
Superseded in jammy-release
Obsolete in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
lxml (4.6.3+dfsg-0.1) unstable; urgency=medium

  * Non-maintainer upload
  * Repack upstream to drop non-free and unused file (Closes: #988717)
  * Build and ship documentation (Closes: #799334)

 -- Paul Gevers <email address hidden>  Sat, 26 Jun 2021 19:40:37 +0200

Available diffs

Superseded in bionic-updates
Superseded in bionic-security 
lxml (4.2.1-1ubuntu0.4) bionic-security; urgency=medium

  * SECURITY UPDATE: incorrect formaction attribute input sanitization
    - debian/patches/CVE-2021-28957.patch: add HTML-5 formaction attribute
      to defs.link_attrs in src/lxml/html/defs.py,
      src/lxml/html/tests/test_clean.py.
    - CVE-2021-28957

 -- Marc Deslauriers <email address hidden>  Mon, 29 Mar 2021 12:04:43 -0400
Superseded in focal-updates
Superseded in focal-security 
lxml (4.5.0-1ubuntu0.3) focal-security; urgency=medium

  * SECURITY UPDATE: incorrect formaction attribute input sanitization
    - debian/patches/CVE-2021-28957.patch: add HTML-5 formaction attribute
      to defs.link_attrs in src/lxml/html/defs.py,
      src/lxml/html/tests/test_clean.py.
    - CVE-2021-28957

 -- Marc Deslauriers <email address hidden>  Mon, 29 Mar 2021 12:04:02 -0400
Published in xenial-updates
Published in xenial-security 
lxml (3.5.0-1ubuntu0.4) xenial-security; urgency=medium

  * SECURITY UPDATE: incorrect formaction attribute input sanitization
    - Add HTML-5 formaction attribute to defs.link_attrs in
      src/lxml/html/defs.py, src/lxml/html/tests/test_clean.py.
    - CVE-2021-28957

 -- Marc Deslauriers <email address hidden>  Mon, 29 Mar 2021 12:05:53 -0400
Obsolete in groovy-updates
Obsolete in groovy-security 
lxml (4.5.2-1ubuntu0.4) groovy-security; urgency=medium

  * SECURITY UPDATE: incorrect formaction attribute input sanitization
    - debian/patches/CVE-2021-28957.patch: add HTML-5 formaction attribute
      to defs.link_attrs in src/lxml/html/defs.py,
      src/lxml/html/tests/test_clean.py.
    - CVE-2021-28957

 -- Marc Deslauriers <email address hidden>  Mon, 29 Mar 2021 12:01:32 -0400
Superseded in impish-release
Obsolete in hirsute-release
Deleted in hirsute-proposed (Reason: Moved to hirsute) 
lxml (4.6.3-1) unstable; urgency=high

  * New upstream version.
    - A vulnerability (CVE-2021-28957) was discovered in the HTML Cleaner,
      which allowed JavaScript to pass through. The cleaner now removes the
      HTML5 formaction attribute. 

 -- Matthias Klose <email address hidden>  Mon, 22 Mar 2021 14:31:55 +0100

Available diffs

Superseded in groovy-updates
Superseded in groovy-security 
lxml (4.5.2-1ubuntu0.3) groovy-security; urgency=medium

  * SECURITY UPDATE: XSS vulnerability
    - debian/patches/CVE-2020-27783-part2*.patch:
      This adds the missing part reported from upstream
      Prevent combinations of <noscript> and <style> to sneak
      JS through the HTML cleaner in src/lxml/html/clean.py,
      src/lxml/html/tests/test_clean.py.
    - CVE-2020-27783
  * Adding --with-cython to debian/rules in order to it build compile the .py
    files changed and regenerate the .c files to the binaries.

 -- Leonidas Da Silva Barbosa <email address hidden>  Thu, 10 Dec 2020 12:55:54 -0300
Superseded in focal-updates
Superseded in focal-security 
lxml (4.5.0-1ubuntu0.2) focal-security; urgency=medium

  * SECURITY UPDATE: XSS vulnerability
    - debian/patches/CVE-2020-27783-part2*.patch:
      This adds the missing part reported from upstream
      Prevent combinations of <noscript> and <style> to sneak
      JS through the HTML cleaner in src/lxml/html/clean.py,
      src/lxml/html/tests/test_clean.py.
    - CVE-2020-27783
  * Adding --with-cython to debian/rules in order to it build compile the .py
    files changed and regenerate the .c files to the binaries.

 -- Leonidas Da Silva Barbosa <email address hidden>  Wed, 09 Dec 2020 21:56:41 -0300
Superseded in bionic-updates
Superseded in bionic-security 
lxml (4.2.1-1ubuntu0.3) bionic-security; urgency=medium

  * SECURITY UPDATE: XSS vulnerability
    - debian/patches/CVE-2020-27783-part2.patch:
      This adds the missing part reported from upstream
      Prevent combinations of <noscript> and <style> to sneak
      JS through the HTML cleaner in src/lxml/html/clean.py,
      src/lxml/html/tests/test_clean.py.
    - CVE-2020-27783
  * Adding --with-cython to debian/rules in order to it build compile the .py
    files changed and regenerate the .c files to the binaries.

 -- Leonidas Da Silva Barbosa <email address hidden>  Thu, 10 Dec 2020 14:18:33 -0300
Superseded in xenial-updates
Superseded in xenial-security 
lxml (3.5.0-1ubuntu0.3) xenial-security; urgency=medium

  * SECURITY UPDATE: XSS vulnerability
    - This adds the missing part reported from upstream
      Prevent combinations of <noscript> and <style> to sneak
      JS through the HTML cleaner in src/lxml/html/clean.py,
      src/lxml/html/tests/test_clean.py.
    - CVE-2020-27783

 -- Leonidas Da Silva Barbosa <email address hidden>  Wed, 09 Dec 2020 22:01:26 -0300
Published in precise-updates
Published in precise-security 
lxml (2.3.2-1ubuntu0.5) precise-security; urgency=medium

  * SECURITY UPDATE: XSS vulnerability
    - This adds the missing part reported from upstream
      Prevent combinations of <noscript> and <style> to sneak
      JS through the HTML cleaner in src/lxml/html/clean.py,
      src/lxml/html/tests/test_clean.py.
    - CVE-2020-27783

 -- Leonidas Da Silva Barbosa <email address hidden>  Thu, 10 Dec 2020 09:24:15 -0300
Superseded in xenial-updates
Superseded in xenial-security 
lxml (3.5.0-1ubuntu0.2) xenial-security; urgency=medium

  * SECURITY UPDATE: XSS vulnerability
    - Prevent combinations of <noscript> and <style> to sneak
      JS through the HTML cleaner in src/lxml/html/clean.py,
      src/lxml/html/tests/test_clean.py.
    - CVE-2020-27783

 -- Leonidas Da Silva Barbosa <email address hidden>  Tue, 08 Dec 2020 13:51:53 -0300
Superseded in focal-updates
Superseded in focal-security 
lxml (4.5.0-1ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: XSS vulnerability
    - Prevent combinations of <noscript> and <style> to sneak
      JS through the HTML cleaner in src/lxml/html/clean.py,
      src/lxml/html/tests/test_clean.py.
    - CVE-2020-27783

 -- Leonidas Da Silva Barbosa <email address hidden>  Tue, 08 Dec 2020 13:54:35 -0300
Superseded in bionic-updates
Superseded in bionic-security 
lxml (4.2.1-1ubuntu0.2) bionic-security; urgency=medium

  * SECURITY UPDATE: XSS vulnerability
    - Prevent combinations of <noscript> and <style> to sneak
      JS through the HTML cleaner in src/lxml/html/clean.py,
      src/lxml/html/tests/test_clean.py.
    - CVE-2020-27783

 -- Leonidas Da Silva Barbosa <email address hidden>  Tue, 08 Dec 2020 13:53:38 -0300
Superseded in groovy-updates
Superseded in groovy-security 
lxml (4.5.2-1ubuntu0.1) groovy-security; urgency=medium

  * SECURITY UPDATE: XSS vulnerability
    - Prevent combinations of <noscript> and <style> to sneak
      JS through the HTML cleaner in src/lxml/html/clean.py,
      src/lxml/html/tests/test_clean.py.
    - CVE-2020-27783

 -- Leonidas Da Silva Barbosa <email address hidden>  Tue, 08 Dec 2020 13:56:06 -0300
Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
lxml (4.6.2-1) unstable; urgency=medium

  * New upstream version.
  * Bump standards version.

 -- Matthias Klose <email address hidden>  Mon, 07 Dec 2020 18:22:48 +0100
Superseded in hirsute-proposed 
lxml (4.6.1-1build1) hirsute; urgency=medium

  * No-change rebuild to drop python3.8 extensions.

 -- Matthias Klose <email address hidden>  Mon, 07 Dec 2020 18:20:21 +0100
Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
lxml (4.5.2-1build1) hirsute; urgency=medium

  * No-change rebuild to build with python3.9 as supported.

 -- Matthias Klose <email address hidden>  Sat, 24 Oct 2020 13:18:28 +0200
Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
lxml (4.6.1-1) unstable; urgency=medium

  * New upstream version.

 -- Matthias Klose <email address hidden>  Thu, 22 Oct 2020 18:02:16 +0200
Superseded in hirsute-release
Obsolete in groovy-release
Deleted in groovy-proposed (Reason: moved to Release) 
lxml (4.5.2-1) unstable; urgency=medium

  * New upstream version.
  * Stop building python2 packages.
  * Bump debhelper version.

 -- Matthias Klose <email address hidden>  Fri, 17 Jul 2020 11:05:52 +0200

Available diffs

Superseded in groovy-release
Deleted in groovy-proposed (Reason: moved to Release) 
lxml (4.5.0-1.2) unstable; urgency=medium

  * Non-maintainer upload.
  * Remove bogus breaks on python-lxml (Closes: #959687)

 -- Paul Wise <email address hidden>  Fri, 12 Jun 2020 07:38:26 +0800

Available diffs

Superseded in groovy-release
Deleted in groovy-proposed (Reason: moved to Release) 
lxml (4.5.0-1.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Drop python2 support; Closes: #936973
  * Install documentation under python-lxml-doc
  * python3-lxml takes over some file from python-lxml, so Breaks+Replaces it

 -- Sandro Tosi <email address hidden>  Mon, 13 Apr 2020 12:39:33 -0400

Available diffs

Superseded in groovy-release
Published in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
lxml (4.5.0-1) unstable; urgency=medium

  * New upstream version.
  * Bump standards version.

 -- Matthias Klose <email address hidden>  Tue, 18 Feb 2020 16:57:26 +0100
Superseded in focal-proposed 
lxml (4.4.2-1build1) focal; urgency=medium

  * No-change rebuild to drop python3.7.

 -- Matthias Klose <email address hidden>  Tue, 18 Feb 2020 10:44:09 +0100
Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
lxml (4.4.2-1) unstable; urgency=medium

  * New upstream version.
  * python-lxml-dbg: Depend on python2-dbg instead of python-dbg.
  * Bump standards version.

 -- Matthias Klose <email address hidden>  Thu, 09 Jan 2020 13:55:11 +0100
Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
lxml (4.4.1-1build1) focal; urgency=medium

  * No-change rebuild to build with python3.8.

 -- Matthias Klose <email address hidden>  Fri, 18 Oct 2019 18:32:44 +0000
Superseded in focal-release
Obsolete in eoan-release
Deleted in eoan-proposed (Reason: moved to release) 
lxml (4.4.1-1) unstable; urgency=medium

  * New upstream version.
  * Bump standards version.

 -- Matthias Klose <email address hidden>  Thu, 15 Aug 2019 19:27:20 +0200

Available diffs

Superseded in eoan-release
Deleted in eoan-proposed (Reason: moved to release) 
lxml (4.3.3-2) unstable; urgency=medium

  * python-lxml-doc: Recommend python3-lxml instead of python-lxml.

 -- Matthias Klose <email address hidden>  Wed, 22 May 2019 14:42:58 +0200
Superseded in eoan-proposed 
lxml (4.3.3-1ubuntu1) eoan; urgency=medium

  * Do not recommend py2 pacakge from the docs package.

 -- Dimitri John Ledkov <email address hidden>  Wed, 22 May 2019 15:17:16 +0100
Superseded in eoan-release
Obsolete in disco-release
Deleted in disco-proposed (Reason: moved to release) 
lxml (4.3.3-1) unstable; urgency=medium

  * New upstream version.
    - Fix leak of output buffer and unclosed files in
      ``_XSLTResultTree.write_output()``.

 -- Matthias Klose <email address hidden>  Wed, 10 Apr 2019 10:49:36 +0200

Available diffs

Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release) 
lxml (4.3.2-1) unstable; urgency=medium

  * New upstream version.
    - Fix crash in 4.3.1 when appending a child subtree with certain text nodes.

 -- Matthias Klose <email address hidden>  Tue, 05 Mar 2019 16:27:09 +0100

Available diffs

Superseded in disco-proposed 
lxml (4.3.1-1) unstable; urgency=medium

  * New upstream version 4.3.1.

 -- Matthias Klose <email address hidden>  Wed, 20 Feb 2019 16:27:45 +0100

Available diffs

Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release) 
lxml (4.3.0-1) unstable; urgency=medium

  * New upstream version 4.3.0.
  * Bump standards version.

 -- Matthias Klose <email address hidden>  Fri, 18 Jan 2019 10:04:35 +0100
Superseded in bionic-updates
Superseded in bionic-security 
lxml (4.2.1-1ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: XSS attacks
    - debian/patches/CVE-2018-19787.patch:
      Make the cleaner remove javascript URLs
      that use espacing in in src/lxml/html/clean.py,
      src/lxml/html/tests/test_clean.txt.
    - CVE-2018-19787

 -- <email address hidden> (Leonidas S. Barbosa)  Fri, 07 Dec 2018 09:50:09 -0300
150 of 130 results FirstPreviousLast