python-bleach (1.4-1+deb8u2) jessie-security; urgency=high
  
  * Non-maintainer upload by the ELTS Security Team.
  * CVE-2021-23980: mutation XSS via allowed math or svg; p or br; and
    style, title, noscript, script, textarea, noframes, iframe, or xmp
    tags with strip_comments=False

 -- Sylvain Beucler <beuc@debian.org>  Mon, 26 Apr 2021 15:29:19 +0200

python-bleach (1.4-1+deb8u1) jessie-security; urgency=high

  * Non-maintainer upload by the LTS Team.
  * Fix CVE-2020-6817: Calls to bleach.clean with an allowed tag with an
    allowed style attribute are vulnerable toregular expression denial of
    service (ReDoS). (Closes: #955388)

 -- Roberto C. Sanchez <roberto@debian.org>  Wed, 01 Apr 2020 11:43:53 -0400

python-bleach (1.4-1) unstable; urgency=low

  * New upstream release
    - License changed to Apache License 2.0
    - Add python*-six to Build-Dependends
  * Shipping both python2 and python3 packages
    - Add python3-html5lib to Build-Dependends
  * Running tests during build
    - Add python*-nose Build-Dependends
  * Packaging license changed to Apache License 2.0
  * Bumped Standards-Version to 3.9.5, no changes needed
  * Add common doc package
    - Binary packages suggests this package
    - Add python*-sphinx to Build-Depends

 -- Per Andersson <avtobiff@gmail.com>  Fri, 14 Feb 2014 00:59:20 +0100

python-bleach (1.2.2-1) unstable; urgency=low

  * Initial release (Closes: #686902)

 -- Per Andersson <avtobiff@gmail.com>  Sun, 09 Jun 2013 19:46:56 +0200
