The version is Maverick is also affected, but I figured I would just get it fixed in Debian first and then request a sync of the new upstream version (4.1.1).
Here's the patch that would be required however if you choose not to sync the new version from Debian. ** Patch added: "htmlpurifier_410_fixes.patch" http://launchpadlibrarian.net/50453451/htmlpurifier_410_fixes.patch -- XSS in HTML purifier 3.0.0 and 4.0.0 https://bugs.launchpad.net/bugs/582576 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
