[ubuntu/mantic-security] tidy-html5 2:5.6.0-11ubuntu0.23.10.1 (Accepted)

[Marc Deslauriers]

tidy-html5 (2:5.6.0-11ubuntu0.23.10.1) mantic-security; urgency=medium

  * SECURITY UPDATE: arbitrary code exec via recursive parsing
    - debian/patches/CVE-2021-33391-pre1.patch: introduce stack functions
      in src/lexer.c, src/lexer.h.
    - debian/patches/CVE-2021-33391.patch: refactor the recursion into a
      loop with a heap-based stack in src/gdoc.c.
    - CVE-2021-33391

Date: 2023-11-10 10:04:09.164567+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/tidy-html5/2:5.6.0-11ubuntu0.23.10.1
-------------- next part --------------
Sorry, changesfile not available.