ruby-rails-html-sanitizer - HTML sanitization for Rails applications
# sudo apt-get update
# sudo apt-get install ruby-rails-html-sanitizer
2016-03-05 - Christian Hofstaedtler <zeha@debian.org> ruby-rails-html-sanitizer (1.0.3-2) unstable; urgency=medium * Team upload. [ Cédric Boutillier ] * Bump debhelper compatibility level to 9 * Use https:// in Vcs-* fields * Bump Standards-Version to 3.9.7 (no changes needed) [ Christian Hofstaedtler ] * Drop ruby-rails from Depends, as no lib code actually loads rails; makes the dependency cycle a little less bad.
2016-01-26 - Antonio Terceiro <terceiro@debian.org> ruby-rails-html-sanitizer (1.0.3-1) unstable; urgency=high * New upstream release. Contains fixes for several XSS vulnerabilities: CVE-2015-7578 CVE-2015-7579 CVE-2015-7580 (Closes: #812814) * debian/ruby-tests.rake: re-enable test that was disabled * 0001-Skip-some-tests-under-Debian.patch: skip tests where the sanitized HTML is XSS-free but does not match the exact content expected by the upstream test suite. I suspect that is due to Nokogiri not using its own patched version of libxml2 in Debian, but can't be sure of that yet. Also, the same tests would already fail on 1.0.2 if enabled.
2015-05-05 - Balasankar C <balasankarc@autistici.org> ruby-rails-html-sanitizer (1.0.2-1) unstable; urgency=medium * Initial release (Closes: #784326) * Disabled a test as it required gems which have Rails > 4.2.0 in its dependency chain