Skip to content

Commit

Permalink
update Manifest.txt and CHANGELOG.md
Browse files Browse the repository at this point in the history 
[skip ci]
  • Loading branch information
@flavorjones
flavorjones committed Mar 19, 2018
1 parent 332ec6a commit 70bd089
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 0 deletions.
7 changes: 7 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,12 @@
# Changelog

## 2.2.1 / 2018-03-19

Addresses CVE-2018-8048. Loofah allowed non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML fragments.

This CVE's public notice is at https://github.com/flavorjones/loofah/issues/144


## 2.2.0 / 2018-02-11

Features:
Expand Down
2 changes: 2 additions & 0 deletions Manifest.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ MIT-LICENSE.txt
Manifest.txt
README.md
Rakefile
SECURITY.md
benchmark/benchmark.rb
benchmark/fragment.html
benchmark/helper.rb
Expand All @@ -14,6 +15,7 @@ lib/loofah/elements.rb
lib/loofah/helpers.rb
lib/loofah/html/document.rb
lib/loofah/html/document_fragment.rb
lib/loofah/html5/libxml2_workarounds.rb
lib/loofah/html5/scrub.rb
lib/loofah/html5/whitelist.rb
lib/loofah/instance_methods.rb
Expand Down

0 comments on commit 70bd089

Please sign in to comment.