logo
DATABASE RESOURCES PRICING ABOUT US

ruby-loofah - security update

Description

It was discovered that ruby-loofah, a general library for manipulating and transforming HTML/XML documents and fragments, performed insufficient sanitising of SVG elements. For the stable distribution (stretch), this problem has been fixed in version 2.0.3-2+deb9u2. We recommend that you upgrade your ruby-loofah packages. For the detailed security status of ruby-loofah please refer to its security tracker page at: [\ https://security-tracker.debian.org/tracker/ruby-loofah](https://security-tracker.debian.org/tracker/ruby-loofah)


Affected Software


CPE Name Name Version
ruby-loofah 2.0.3-2+deb9u1
ruby-loofah 2.0.3-2

Related