CVS commit: pkgsrc/www/lua-web-sanitize

["Nia Alarie" <nia%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   nia
Date:           Wed Feb  1 12:36:07 UTC 2023

Modified Files:
        pkgsrc/www/lua-web-sanitize: Makefile distinfo

Log Message:
lua-web-sanitize: update to 1.4.0

Stricter attribute value escaping

This is a critical update if you are using a custom white list with iframe
elements allowed. Due to their non-standard parsing within browsers it
maybe be possible to craft HTML to bypass sanitization by using an element
with an attribute value of a closing iframe tag. Those using the default
whitelist are not affected.


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 pkgsrc/www/lua-web-sanitize/Makefile
cvs rdiff -u -r1.5 -r1.6 pkgsrc/www/lua-web-sanitize/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/www/lua-web-sanitize/Makefile
diff -u pkgsrc/www/lua-web-sanitize/Makefile:1.3 pkgsrc/www/lua-web-sanitize/Makefile:1.4
--- pkgsrc/www/lua-web-sanitize/Makefile:1.3    Wed Jul 13 08:44:24 2022
+++ pkgsrc/www/lua-web-sanitize/Makefile        Wed Feb  1 12:36:06 2023
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.3 2022/07/13 08:44:24 nia Exp $
+# $NetBSD: Makefile,v 1.4 2023/02/01 12:36:06 nia Exp $
 
-DISTNAME=      web_sanitize-1.3.0
+DISTNAME=      web_sanitize-1.4.0
 PKGNAME=       ${LUA_PKGPREFIX}-${DISTNAME:S/_/-/g}
 CATEGORIES=    www lua
 MASTER_SITES=  ${MASTER_SITE_GITHUB:=leafo/}

Index: pkgsrc/www/lua-web-sanitize/distinfo
diff -u pkgsrc/www/lua-web-sanitize/distinfo:1.5 pkgsrc/www/lua-web-sanitize/distinfo:1.6
--- pkgsrc/www/lua-web-sanitize/distinfo:1.5    Wed Jul 13 08:44:24 2022
+++ pkgsrc/www/lua-web-sanitize/distinfo        Wed Feb  1 12:36:06 2023
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.5 2022/07/13 08:44:24 nia Exp $
+$NetBSD: distinfo,v 1.6 2023/02/01 12:36:06 nia Exp $
 
-BLAKE2s (web_sanitize-1.3.0.tar.gz) = 13a976c5121c181fbd00e41c75550d329e15e50b25a35168b6a3f472bcc426a1
-SHA512 (web_sanitize-1.3.0.tar.gz) = b842d4f2cc07bd3a4cda1c57ff8c8684c1318feb22673cfeaa5a0960e5801ec21f5b9a8c16832eeb8dad0954f9e87d241694789ccf431d69c0bb9fba01c81a64
-Size (web_sanitize-1.3.0.tar.gz) = 55057 bytes
+BLAKE2s (web_sanitize-1.4.0.tar.gz) = ac1b0c4b22d52035f2b061231ed273174bee752707c9c16f1fd4cc7e5f1cbdc6
+SHA512 (web_sanitize-1.4.0.tar.gz) = 18a748df89eac379a10514947635688f9f34471174e182e25526e7959c1e83400c5aaa3b48f0ebd6348ea4cb07aad50809fecef803c226addc5a3d1d620ca86e
+Size (web_sanitize-1.4.0.tar.gz) = 55489 bytes