Alerts This Week
Warning Icon 1 631
Alerts This Week
Warning Icon 1 631

Fedora: 2015-10139 Critical: php-htmLawed HTML Filter Fix

fedora
Calendar Grey June 30, 2015
Dist Fedora Esm H88
A security patch for php-htmLawed addresses a possible HTML filtering vulnerability in Fedora 22 to improve safety measures.
**1.1.20** - 9 June 2015

Summary

PHP code to purify and filter HTML

* make HTML markup in text secure and standard-compliant

* process text for use in HTML, XHTML or XML documents

* restrict HTML elements, attributes or URL protocols

using black or white-lists

* balance tags, check element nesting, transform deprecated

attributes and tags, make relative URLs absolute, etc.

* fast, highly customizable, well-documented

* single, 48 kb file

* simple HTML Tidy alternative

* free and licensed under LGPL v3 and GPL v2+

* use to filter, secure and sanitize HTML in blog comments or

forum posts, generate XML-compatible feed items from web-page

excerpts, convert HTML to XHTML, pretty-print HTML, scrape

web-pages, reduce spam, remove XSS code, etc.

Update Information:

**1.1.20** - 9 June 2015. Fix for a potential security vulnerability arising from unescaped double-quote character in single-quoted attribute value of some deprecated elements when tag transformation is enabled; recognition for non-(HTML4) standard 'allowfullscreen' attribute of 'iframe.'

Topics%20covered

Topics Covered

security advisory critical Fedora security fix html sanitization php-htmLawed

Change Log

* Thu Jun 18 2015 Remi Collet - 1.1.20-1 - update to 1.1.20

References

Fedora Update Notification FEDORA-2015-10139 2015-06-20 13:31:40
Name : php-htmLawed Product : Fedora 22 Version : 1.1.20 Release : 1.fc22 URL : http://www.bioinformatics.org/phplabware/internal_utilities/htmLawed/ Summary : PHP code to purify and filter HTML Description : PHP code to purify and filter HTML
* make HTML markup in text secure and standard-compliant * process text for use in HTML, XHTML or XML documents * restrict HTML elements, attributes or URL protocols using black or white-lists * balance tags, check element nesting, transform deprecated attributes and tags, make relative URLs absolute, etc. * fast, highly customizable, well-documented * single, 48 kb file * simple HTML Tidy alternative * free and licensed under LGPL v3 and GPL v2+ * use to filter, secure and sanitize HTML in blog comments or forum posts, generate XML-compatible feed items from web-page excerpts, convert HTML to XHTML, pretty-print HTML, scrape web-pages, reduce spam, remove XSS code, etc.

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update php-htmLawed' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: php-htmLawed
Product: Fedora 22
Version: 1.1.20
Release: 1.fc22
URL: http://www.bioinformatics.org/phplabware/internal_utilities/htmLawed/
Summary: PHP code to purify and filter HTML

Topics%20covered

Topics Covered

security advisory critical Fedora security fix html sanitization php-htmLawed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here