On 18-03-24 16:41:17, Georg Faerber wrote: > --- ruby-loofah-2.0.3/debian/changelog 2016-01-07 14:22:29.000000000 > +0100 > +++ ruby-loofah-2.0.3/debian/changelog 2018-03-24 16:13:55.000000000 > +0100 > @@ -1,3 +1,10 @@ > +ruby-loofah (2.0.3-2+deb9u1) stretch-security; urgency=high > + > + * Introduce upstream patch to address a potential cross-site scripting > + vulnerability caused by libxml >= 2.9.2. (Closes: #893596) > (CVE-2018-8048)
^^^^^^
That should have been libxml2, fixed in git.
> +
> + -- Georg Faerber <[email protected]> Sat, 24 Mar 2018 16:13:55 +0100
> +
> ruby-loofah (2.0.3-2) unstable; urgency=medium
signature.asc
Description: Digital signature
