Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update loofah for CVE-2019-15587 vulnerability #4572

Closed
wants to merge 1 commit into from
Closed

Update loofah for CVE-2019-15587 vulnerability #4572

wants to merge 1 commit into from

Conversation

rhymes
Copy link
Contributor

@rhymes rhymes commented Oct 24, 2019

What type of PR is this? (check all applicable)

  • Refactor
  • Feature
  • Bug Fix
  • Documentation Update

Description

Loofah 2.3.0 (a library to manipulate HTML and XML) used by our RSS parser contains a known vulnerability: flavorjones/loofah#171

Related Tickets & Documents

flavorjones/loofah#171
https://nvd.nist.gov/vuln/detail/CVE-2019-15587

@rhymes rhymes requested a review from a team October 24, 2019 10:48
@pr-triage pr-triage bot added the PR: unreviewed bot applied label for PR's with no review label Oct 24, 2019
@ghost ghost requested review from jacobherrington and removed request for a team October 24, 2019 10:48
@rhymes rhymes closed this Oct 24, 2019
@rhymes
Copy link
Contributor Author

rhymes commented Oct 24, 2019

Closed in favor of #4570

@rhymes rhymes deleted the rhymes/fix-CVE-2019-15587 branch October 24, 2019 11:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
PR: unreviewed bot applied label for PR's with no review
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant