- ------------------------------------------------------------------------- Debian Security Advisory DSA-5339-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 05, 2023 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libhtml-stripscripts-perl CVE ID : CVE-2023-24038 Debian Bug : 1029400 Ikeda Soji reported that libhtml-stripscripts-perl, a Perl module for removing scripts from HTML, is prone to a regular expression denial of service, due to catastrophic backtracking for HTML content with specially crafted style attributes. For the stable distribution (bullseye), this problem has been fixed in version 1.06-1+deb11u1. We recommend that you upgrade your libhtml-stripscripts-perl packages. For the detailed security status of libhtml-stripscripts-perl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libhtml-stripscripts-perl Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected]