Patch for CVE-2023-34624 planned?

Brought to you by: patmoore, scottwilson, vnikic

Patch for CVE-2023-34624 planned?

Forum: Open Discussion

Creator: Ralf Purnhagen

Created: 2023-06-19

Updated: 2023-06-20

Ralf Purnhagen - 2023-06-19

A couple of days ago CVE-2023-34624 has been published. Do you plan to release a fix for this CVE in a next version of HtmlCleaner?

Thanks

Last edit: Ralf Purnhagen 2023-06-19

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Scott Wilson - 2023-06-19

Hi Ralf,

Slightly puzzling that it points to the Github fork from 10 years ago while referring to v2.28!

I'll take a look at it.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Scott Wilson - 2023-06-19

OK, fixed. There's a new release, 2.29, that implements an arbitrary maximum nesting depth. Its configurable via cleaner properties.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Scott Wilson - 2023-06-19

OK, fixed. There's a new release, 2.29, that implements an arbitrary maximum nesting depth. Its configurable via cleaner properties.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Ralf Purnhagen - 2023-06-20

Thank you for your quick response!

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.