python3-bleach-3.1.5-bp152.2.4.1<>,]`wX!M@eeeRV?Qf5 ҕuJXҸ>쓄Jfw}5A y=6E0ڎI/3*pfo})cPW4Dm|4#$:Ml9GMt4cwX>}!ԭsN{RnǮ3{kiE8f q4J7a׏tzu0kP-)qn@&g׏ѱT+BV\$DsH/4YBkḧxnjeD}-YīscΤp#fm>>>|?>ld # J !(     (        (   h  D  (1889:XF4G4 H5l I5 X6 Y6\6$ ]6 ^8b:1c:d;e;f;l;u; v< w< x=D y=z> >> >&>hCpython3-bleach3.1.5bp152.2.4.1A whitelist-based HTML-sanitizing toolBleach is an HTML sanitation library that escapes or strips markup and attributes based on a white list. Bleach can also linkify text safely, applying filters that Django's ``urlize`` filter cannot, and optionally setting ``rel`` attributes, even on links already in the text. Bleach is intended for sanitizing text from *untrusted* sources. Because it relies on html5lib, Bleach is as good as modern browsers at dealing with weird, quirky HTML fragments. Bleach's methods will fix unbalanced or mis-nested tags. Documentation is at http://bleach.readthedocs.org/ .`wXold-cirrus3SUSE Linux Enterprise 15openSUSEApache-2.0http://bugs.opensuse.orgDevelopment/Languages/Pythonhttp://github.com/jsocol/bleachlinuxnoarchp"tt))00..33GN<T[B 9AA큤A큤A큤A큤`wP`wQ`wP`wP`wP`wP`wP`wP^`wP`wP`wP`wP`wP`wP`wP`wP`wP`wP`wP`wP`wP^_`u^_`u^Ey`wX^^_`wX\ G154dc4393b08a3d471447713d95bcbc3f3cc0acee7fe541c3cbc17fd4a75364cccf8845b0dc30f1941d34b761b77179fea61d72fcc4088249d1d7337a20f20a501ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546bcf924bf9a2204ef9704af6d1298bfb33022c18bebe7100ba78143bab3932f9e675cbf4c0a232481d333230045cbc18e15d3edc837d519406013d700e67d02026fb75956879d9c42bad91ea83b3469e70b714dc12771b1b93a26db52c1a7e2d71cc87318bbb73f26e31b6472be4e9bf332d218cee066060e139168e89831fbf03461e32cb3dcf31c366dcf6726c33fe4c5388e64122301ce965316e28e8dce52155615413eea86cf566f612f29e9cc309a694fdfb04a6aa92bfada3ba626d0cea8a35c6ece3a79c4fa41286b04c2ed21a650c57a0c065788660fc81bb046dc6081a00626422cfe1c509e78667d6c369986806f82f41ed97bc5c11cae9f4539740810b56bff6dd49bb3adb9d23fef21367d9672758cfb7daca76d22743c0c3a02490fad3c8060cc2c91f8345f583a35b636204dc1539251c4416d22aa98df596d68aeb838559931375ad20a63e4530f4b545408449adda1ea908276a48b85e08e276460b572983aca2769e0350776aa22a1888eaa1ad31bbb8257cc68a2e433d303c15e3a9935f1948325dc9752937709a933a86996874e3262aa2fec73e90b8137e02290b0fe144a3bded1a99e6b11c69cb800b233f121035cc309aec0493733c5f0157283667d6c7487be159e8a9a510b047de4d147a25a6e2bc7788f761ba5d1f65c6348f7f39b11d11c5144ef07bbac87350df036865674974374dbcba03655ed0347787be474e4cf6736fd97642c3a641a3aad93bc11106083405ac51f2a75b15605e717ed58482cf2c720a3bea66d70775310c3c0357c66cddd800bc7dceee8b8007cb2a58aee235cbef02642699015ca1e06cc4fa463c26f3861c602317c5e86404ad1ba20297676e8b1454facde009a34b19e1364a40666aed204015426fdd1f56be4d03aed9511bb0923488b41de48ac0e42110c1a0f658460e8bce22f8d98e83f031449c17ac64aa70cea38481a69a6dccf6e22d66a4f30b9b4a64fdbec2238c149a632b8fb26813f687aceabab80327f3270769c2c16157883d3130rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootpython-bleach-3.1.5-bp152.2.4.1.src.rpmpython3-bleach@      python(abi)python3-html5libpython3-packagingpython3-sixrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PartialHardlinkSets)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.61.0.01.93.0.4-14.6.0-14.0.4-14.0-15.2-14.14.1`u^^@^x^Y]1\{\\l@ZZ)-@Z@XX-U6@UĝUUa@Andreas Stieger Tomáš Chvátal Dirk Mueller Dirk Mueller Alexandros Toptsoglou Tomáš Chvátal John Vandenberg Jan Engelhardt Matej Cepl kbabioch@suse.comarun@gmx.dearun@gmx.detoddrme2178@gmail.comtoddrme2178@gmail.comtoddrme2178@gmail.comhpj@urpla.nethpj@urpla.nethpj@urpla.net- Fix CVE-2021-23980: mutation XSS on bleach.clean with specific combinations of allowed tags (boo#1184547) add bleach-3.1.5-CVE-2021-23980.patch- Update to 3.1.5: * replace missing ``setuptools`` dependency with ``packaging``. Thank you Benjamin Peterson.- update to 3.1.4 (bsc#1168280, CVE-2020-6817): * ``bleach.clean`` behavior parsing style attributes could result in a regular expression denial of service (ReDoS). Calls to ``bleach.clean`` with an allowed tag with an allowed ``style`` attribute were vulnerable to ReDoS. For example, ``bleach.clean(..., attributes={'a': ['style']})``. * Style attributes with dashes, or single or double quoted values are cleaned instead of passed through.- update to 3.1.3 (bsc#1167379, CVE-2020-6816): * Add relative link to code of conduct. (#442) * Drop deprecated 'setup.py test' support. (#507) * Fix typo: curren -> current in tests/test_clean.py (#504) * Test on PyPy 7 * Drop test support for end of life Python 3.4 * ``bleach.clean`` behavior parsing embedded MathML and SVG content with RCDATA tags did not match browser behavior and could result in a mutation XSS. Calls to ``bleach.clean`` with ``strip=False`` and ``math`` or ``svg`` tags and one or more of the RCDATA tags ``script``, ``noscript``, ``style``, ``noframes``, ``iframe``, ``noembed``, or ``xmp`` in the allowed tags whitelist were vulnerable to a mutation XSS.- Update to V3.1.1: Security update for CVE-2020-6802 * CVE-2020-6802: Fixed mutation XSS vulnerabilities (bsc#1165303).- Restrict pytest to <5.0; upstream has an issue already reported- Add de-vendor.patch to avoid new vendoring of html5lib in v3.1.0 - Remove direct dependency on webencodings, a dependency of html5lib - Update to v3.1.0 * Add ``recognized_tags`` argument to the linkify ``Linker`` class. This fixes issues when linkifying on its own and having some tags get escaped. It defaults to a list of HTML5 tags * Add ``six>=1.9`` to requirements * Fix cases where attribute names could have invalid characters in them. * Fix problems with ``LinkifyFilter`` not being able to match links across ``&``. * Fix ``InputStreamWithMemory`` when the ``BleachHTMLParser`` is parsing ``meta`` tags * Fix doctests. - from v3.0.2 * Merge ``Characters`` tokens after sanitizing them. This fixes issues in the ``LinkifyFilter`` where it was only linkifying parts of urls - from v3.0.1 * Support Python 3.7. It supported Python 3.7 just fine, but 3.7 was added to the list of Python environments being test * Fix ``list`` object has no attribute ``lower`` in ``clean`` * Fix ``abbr`` getting escaped in ``linkify`` - from v3.0.0 * [breaking] A bunch of functions were moved from one module to another. These were moved from ``bleach.sanitizer`` to ``bleach.html5lib_shim``: + convert_entity + convert_entities + match_entity + next_possible_entity + BleachHTMLSerializer + BleachHTMLTokenizer + BleachHTMLParser These functions and classes weren't documented and aren't part of the public API, but people read code and might be using them so we're considering it an incompatible API change. If you're using them, you'll need to update your code. * Bleach no longer depends on html5lib. html5lib==1.0.1 is now vendored into Bleach. You can remove it from your requirements file if none of your other requirements require html5lib. This means Bleach will now work fine with other libraries that depend on html5lib regardless of what version of html5lib they require. * Fixed tags getting added when using clean or linkify. This was a long-standing regression from the Bleach 2.0 rewrite * Fixed ```` getting replaced with a string. Now it gets escaped or stripped depending on whether it's in the allowed tags or not - from v2.1.4 * Dropped support for Python 3.3 * Handle ambiguous ampersands in correctly- Trim rhetorics and bias from descriptions.- Remove superfluous devel dependency for noarch package- Update to version 2.1.3: * Attributes that have URI values weren't properly sanitized if the values contained character entities. Using character entities, it was possible to construct a URI value with a scheme that was not allowed that would slide through unsanitized. (CVE-2018-7753 bnc#1085969)- specfile: * update copyright year - update to version 2.1.2: * Bug fixes + Support html5lib-python 1.0.1. (#337) + Add deprecation warning for supporting html5lib-python < 1.0. + Switch to semver.- specfile: * update copyright year - update to version 2.1.1: * Bug fixes + Fix setup.py opening files when LANG=. (#324) - changes from version 2.1: * Security fixes + Convert control characters (backspace particularly) to “?” preventing malicious copy-and-paste situations. (#298) See https://github.com/mozilla/bleach/issues/298 for more details. This affects all previous versions of Bleach. Check the comments on that issue for ways to alleviate the issue if you can’t upgrade to Bleach 2.1. * Backwards incompatible changes + Redid versioning. bleach.VERSION is no longer available. Use the string version at bleach.__version__ and parse it with pkg_resources.parse_version. (#307) + clean, linkify: linkify and clean should only accept text types; thank you, Janusz! (#292) + clean, linkify: accept only unicode or utf-8-encoded str (#176) * Bug fixes + bleach.clean() no longer unescapes entities including ones that are missing a ; at the end which can happen in urls and other places. (#143) + linkify: fix http links inside of mailto links; thank you, sedrubal! (#300) + clarify security policy in docs (#303) + fix dependency specification for html5lib 1.0b8, 1.0b9, and 1.0b10; thank you, Zoltán! (#268) + add Bleach vs. html5lib comparison to README; thank you, Stu Cox! (#278) + fix KeyError exceptions on tags without href attr; thank you, Alex Defsen! (#273) + add test website and scripts to test bleach.clean() output in browser; thank you, Greg Guthe!- Fix source URL.- Update to Version 2.0.0 + Backwards incompatible changes * Removed support for Python 2.6. #206 * Removed support for Python 3.2. #224 * Bleach no longer supports html5lib < 0.99999999 (8 9s). * ``bleach.clean`` and friends were rewrittenped. * ``bleach.clean`` and friends attribute callables now take three arguments: tag, attribute name and attribute value. Previously they only took attribute name and attribute value. * ``bleach.linkify`` was rewritten * ``bleach.linkify`` and friends had a ``skip_pre`` argument--that's been replaced with a more general ``skip_tags`` argument. + Changes * Supports Python 3.6. * Supports html5lib >= 0.99999999 (8 9s). * There's a ``bleach.sanitizer.Cleaner`` class that you can instantiate with your favorite clean settings for easy reuse. * There's a ``bleach.linkifier.Linker`` class that you can instantiate with your favorite linkify settings for easy reuse. * There's a ``bleach.linkifier.LinkifyFilter`` which is an htm5lib filter that you can pass as a filter to ``bleach.sanitizer.Cleaner`` allowing you to clean and linkify in one pass. * ``bleach.clean`` and friends can now take a callable as an attributes arg value. * Tons of bug fixes. * Cleaned up tests. * Documentation fixes. - Update to Version 1.5 + Backwards incompatible changes * clean: The list of ``ALLOWED_PROTOCOLS`` now defaults to http, https and mailto. + Changes * clean: Added ``protocols`` to arguments list to let you override the list of allowed protocols. Thank you, Andreas Malecki! #149 * linkify: Fix a bug involving periods at the end of an email address. Thank you, Lorenz Schori! #219 * linkify: Fix linkification of non-ascii ports. Thank you Alexandre, Macabies! [#207] * linkify: Fix linkify inappropriately removing node tails when dropping nodes. [#132] * Fixed a test that failed periodically. #161 * Switched from nose to py.test. #204 * Add test matrix for all supported Python and html5lib versions. #230 * Limit to html5lib ``>=0.999,!=0.9999,!=0.99999,<0.99999999`` because 0.9999 and 0.99999 are busted. * Add support for ``python setup.py test``. #97 - Update to Version 1.4.3 (May 23rd, 2016) + Changes * Limit to html5lib ``>=0.999,<0.99999999`` because of impending change to sanitizer api. #195 - Update to Version 1.4.2 + Changes * linkify: Fix hang in linkify with ``parse_email=True``. #124 * linkify: Fix crash in linkify when removing a link that is a first-child. #136 * Updated TLDs. * linkify: Don't remove exterior brackets when linkifying. #146 - Implemenet single-spec version- Fix build on SLE 11- eabled checks again: don't know, why they failed in the first place- disabled checks: developer unresponsive- updated to version 1.4.1old-cirrus3 1618416216  3.1.5-bp152.2.4.1bleachbleach-3.1.5-py3.6.egg-infoPKG-INFOSOURCES.txtdependency_links.txtnot-zip-saferequires.txttop_level.txt__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pyccallbacks.cpython-36.opt-1.pyccallbacks.cpython-36.pychtml5lib_shim.cpython-36.opt-1.pychtml5lib_shim.cpython-36.pyclinkifier.cpython-36.opt-1.pyclinkifier.cpython-36.pycsanitizer.cpython-36.opt-1.pycsanitizer.cpython-36.pycutils.cpython-36.opt-1.pycutils.cpython-36.pyccallbacks.pyhtml5lib_shim.pylinkifier.pysanitizer.pyutils.pypython3-bleachCHANGESREADME.rstpython3-bleachLICENSE/usr/lib/python3.6/site-packages//usr/lib/python3.6/site-packages/bleach-3.1.5-py3.6.egg-info//usr/lib/python3.6/site-packages/bleach//usr/lib/python3.6/site-packages/bleach/__pycache__//usr/share/doc/packages//usr/share/doc/packages/python3-bleach//usr/share/licenses//usr/share/licenses/python3-bleach/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protectionobs://build.opensuse.org/openSUSE:Maintenance:16086/openSUSE_Backports_SLE-15-SP2_Update/78fbd0f28c559c3137900935566f3df1-python-bleach.openSUSE_Backports_SLE-15-SP2_Updatedrpmxz5noarch-suse-linuxdirectoryHTML document, UTF-8 Unicode textASCII textPython script, ASCII text executablepython 3.6 byte-compiledUTF-8 Unicode textHTML document, ASCII text RRRRRRRRRRRRRRRRRRJ!t[,utf-870be354caea9bbb90c7427aa04f63341a00d222b9936bb45488522341c3d0701? 7zXZ !t/K]"k%%) `=Qf lۈٛ~Yd ZA8[DT4aI<;nx6yU8LI2Ty{)o[=W _Iqk- , %pŌzp~.M1>``wd'xiEe RDTEѡȑQ5Fq#]srbq;fKD,> L9V..#|`4het7YVӚYC lϝR-B}O%7>jb\Ջ j*I5g"֋Sfz؁ӕ lc)+3 +9ie>T2,TJf)'28|!Y%J^[僺C'-r%g$Tx"9h߁*zjj*=.lj ص %rlSt#ΐPҳ*WQ; nw,D,9٥Nixe0P,ָgj:"F)~JM S~&ed"fӆRڹ>AQ:5|s`tkڲN"1:1xW? -%d!gM>A7:; 98[ezeBvO O^_`3A~A1c $֛#]=B'&N.ظ˟WлRf?[l@CDگ'.zԛUd.&@$[_F5u03f9 '|MU +T1wL^c0T- -g;V*Ü3R)'q[Ȕs@;E'k9UtoVtF|fg+l$ ꭄ-iQQ7Ujk]n$Pw:;Ƀİl4y:9Yb7: xtQiy6 (k.ԣV:h7ĞϨ-Uh/BHj/{H7K|f5\BHْ]q=if (>:E }p = nmt{p* 6|cQr~Ȍo v4C߻:l._ U{3 cJ'Pkж5Zݟcٻ3h >>!>0'"EvI  *|γ 3d}"(ΆbL+)Kx.y07~LzNϤW_*iDTZ=Fk^ ÑqϏm^:1\aޑaìyZ>v!p},P1 L؆&9f'3hﶀq)DGY?GKUP"BuH۲z|6GTD\[VI'oiAke:6r(A »:f_c#Íf,01I]vzchŒɵg`e0jI.ʫ ?=H˚@ xfJC$U .+2-]S5]NQ^B32@>mlX %nݦnS5wpavU| |o+R'fTHqp`R YͰ̽7|;d?Poj1IЧF?\J^LylϾ5"+>4Z . BP=C?`n"B!2uR/st`.Zng='j@m{m!]ۘFWs1.wd󪬫ES˸БXͼ53 =Up52,Ѕ5Ť"\S=E2"7>R'gUĞ>_gJ:WԢdˉiM]E4 ry&2&p6nx/.oYbdLu۶q LS:xsn1UlxIv6'ˤwS7x{,|`&%Jc]u1)tr-,L쮹Lչ!*E{ILjPj*! MqGBœھBZ81H.vNqaMM[W7A-sh6k׭M[ˣͻ`5Y)@ГiD?jJSxr#K%iF"/Z2'RĭeK_/!%6Bmnϓe;AH=Rm3@剝3ϡ%3s|ЀI?$>9HUt#8h2r=n1_ϊ晞;$2?.;Rev[|+XsK4CtVxސ"2غ.Ѣ 20WA3gfGb\cXh.^ࢧQ}n+XV.8Mz[̕Έ:KqADk80_啷郕TL ~Hefr4`M-pJMጲϠ,kVށ DȆ"qjށ`N 0r6 es32w*z&q?%^рBQ+[e6-iԻ~YC6Y; lU􄽙x";?uso~zF[72p_%e.ge nRW{ƵB@:4E")ABT2 r ބF:9?Gf#|% =vQ>p-2i|귔u<߅ջN;Uz3@FƑNi0AA$bܼFv38R:L߹5PXI A3=Wg<.i2pȌ)&Jxa,+@6/YY1EIhJ y7Ull[^˜>^[g~_l{t !MnKhg<%p1@(T2q%"؞M`'6)`evy_C;r4F)yӞsmztַ 'ILcR['< 4E~~.hmr+M,B8cSqgW:^Ϋ)`|rW J!>2-17t4 õ匾B^n"}}qjY_N 8Ƚ#ӆ!Sp o2\)^Q9^XD^^W:J3D% B+_ƒ@e3_%|ؓ4-4mNEU g['L![_5t3.L8Tr',F>ipקwW쪿[ϝA"9eșJ7F̪+uYVdkr<3*pRa e4ۓ2{ֱ9۪rEnMrt`_빅+1P)c@  S:pww i=~摢kʢ)xKSeUm7%[9)F:1k "jjQ?aV[U^Ն]~SA_"dҨ3§?z+nZ<EqdF6wN5VFYXE?ɪX{ZKYok>߄:`CD"!d$=8f<5E6vvHu|[9]/a^L{vu?vgm>>/<SJȁ(mlOg;8կX{O4`4Q؍1Ts̈́=r\23重g{LvyVgYHYźg˾@6Ŋ&k,Ns 'QAod$nZdT?P m&nƵ*rHV[x'߹9z_'[z RBX4?aQr4Ww:- `S x1c6 'ʣL/|I#tO {ZUpz"/C0;j#@&is OBCo4HuI}w=lE(@PJHz$;le-(A9@ROl1a5Oa:Iy$,y5~'"#Zlh~Lq19)0`5^{i ? UYFi~" N3x9JjKs{%Nw>#eUS}ˈ$hm6&iF|jD_9|SL5=}`Lz5y9 ~:>K\L (㇆qMvUlĦ?[I^w.K5yxnItD^J+ɢ 2,g3RB@c}/zDV$dF֥rdﯵSr,ב ʮZqց6V׬V4hθx$+_~/RK/xUB U(< s~sNGRZZ&z3nGz58f)?90Ljϴ恥 ^G{9%"Bͨ9!LO8 ɬI zRm.tIR^TLb̿7VoCQ}|pCxPa71b˯$y>KCf8(s~z.!rF}ːGq^ޔ16Dh]I,M[=EI߭qTnjkv˦~tk6 mkjd*b. HYMqP]XTa NE X +8}2Jל9N҃v^@ wefy5|w|?Ru4l44>iC9I *PGll VLM DfWUxC;{Vx hD|LM @ox`ZQʒ[e o,pɊwafO:T2/[IeX6FԶ YZ