[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
New snapshot: use HTML Tidy binary in Sanitize
From: |
Dmitry Borodaenko |
Subject: |
New snapshot: use HTML Tidy binary in Sanitize |
Date: |
Sun, 21 Sep 2008 18:38:34 +0300 |
Greetings,
This snapshot is a must for anyone using Samizdat with Ruby that
includes recent security fixes in DL library (e.g. Ruby 1.8.7-p72).
Even if you only use Samizdat release 0.6.1, read on: you may find
this update useful.
The DL fixes broke the Ruby/Tidy library [0], and I don't know enough
about DL to fix the root cause, so I had to implement a workaround:
invoke HTML Tidy binary via pipe (File.popen) instead of using the
dynamic library. The code is generic enough, so if you pass it a path
to .so library, it will still try to use library instead of the
binary.
[0] http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-talk/315497
The changes are backwards-compatible and isolated to sanitize.rb. To
use this fix with older Samizdat versions, all you need to do is copy
over sanitize.rb from this snapshot. I did just that with the
samizdat-0.6.1 package in Debian/unstable.
As usual, the snapshot can be downloaded from:
http://download.savannah.gnu.org/releases/samizdat/samizdat-snapshot.tar.gz
The versions of Debian packages with this fix are 0.6.1-2 (unstable)
and 0.6.1.20080921-1 (experimental).
--
Dmitry Borodaenko
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- New snapshot: use HTML Tidy binary in Sanitize,
Dmitry Borodaenko <=