Hi folks, New bandit release 1.1.0 has been tagged. Importantly, this includes a security fix for a bug[1] in HTML formatted reports that could permit XSS.
[New Features] - New test for HTTPoxy bug (CVE-2016-5386) - Man page added [Bug Fixes] - XSS bug fixed in HTML output (Security fix) - Various typos and spelling errors fixed [Behind the Scenes] - Catch general exceptions per-file - Many docs improvements - Py3.5 bits [1] https://bugs.launchpad.net/ossn/+bug/1612988 <https://bugs.launchpad.net/ossn/+bug/1612988> __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
