[ubuntu/lunar-security] tidy-html5 2:5.6.0-11ubuntu0.23.04.1 (Accepted)

[Marc Deslauriers]

tidy-html5 (2:5.6.0-11ubuntu0.23.04.1) lunar-security; urgency=medium

  * SECURITY UPDATE: arbitrary code exec via recursive parsing
    - debian/patches/CVE-2021-33391-pre1.patch: introduce stack functions
      in src/lexer.c, src/lexer.h.
    - debian/patches/CVE-2021-33391.patch: refactor the recursion into a
      loop with a heap-based stack in src/gdoc.c.
    - CVE-2021-33391

Date: 2023-11-10 10:05:09.428501+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/tidy-html5/2:5.6.0-11ubuntu0.23.04.1
-------------- next part --------------
Sorry, changesfile not available.