ruby-rails-html-sanitizer_1.0.3-2_all.deb

This gem is responsible to sanitize HTML fragments in Rails applications. In Rails 4.2 and above this gem will be responsible for sanitizing HTML fragments in Rails applications, i.e. in the sanitize, sanitize_css, strip_tags and strip_links methods.

2016-03-05 - Christian Hofstaedtler <zeha@debian.org> ruby-rails-html-sanitizer (1.0.3-2) unstable; urgency=medium * Team upload. [ Cédric Boutillier ] * Bump debhelper compatibility level to 9 * Use https:// in Vcs-* fields * Bump Standards-Version to 3.9.7 (no changes needed) [ Christian Hofstaedtler ] * Drop ruby-rails from Depends, as no lib code actually loads rails; makes the dependency cycle a little less bad.

2016-01-26 - Antonio Terceiro <terceiro@debian.org> ruby-rails-html-sanitizer (1.0.3-1) unstable; urgency=high * New upstream release. Contains fixes for several XSS vulnerabilities: CVE-2015-7578 CVE-2015-7579 CVE-2015-7580 (Closes: #812814) * debian/ruby-tests.rake: re-enable test that was disabled * 0001-Skip-some-tests-under-Debian.patch: skip tests where the sanitized HTML is XSS-free but does not match the exact content expected by the upstream test suite. I suspect that is due to Nokogiri not using its own patched version of libxml2 in Debian, but can't be sure of that yet. Also, the same tests would already fail on 1.0.2 if enabled.

2015-05-05 - Balasankar C <balasankarc@autistici.org> ruby-rails-html-sanitizer (1.0.2-1) unstable; urgency=medium * Initial release (Closes: #784326) * Disabled a test as it required gems which have Rails > 4.2.0 in its dependency chain