[DRE-maint] Bug#808450: ruby-sanitize: FTBFS: Config::DEFAULT#test_0009_should clean malicious HTML [/build/ruby-sanitize-2.1.0/test/test_sanitize.rb:213]:
Chris Lamb
lamby at debian.org
Sun Dec 20 10:01:44 UTC 2015
Source: ruby-sanitize
Version: 2.1.0-1
Severity: serious
Justification: fails to build from source
User: reproducible-builds at lists.alioth.debian.org
Usertags: ftbfs
X-Debbugs-Cc: reproducible-builds at lists.alioth.debian.org
Dear Maintainer,
ruby-sanitize fails to build from source in unstable/amd64:
[..]
Finished in 0.222619s, 637.8620 runs/s, 871.4452 assertions/s.
1) Failure:
Config::DEFAULT#test_0009_should clean malicious HTML [/build/ruby-sanitize-2.1.0/test/test_sanitize.rb:213]:
--- expected
+++ actual
@@ -1 +1 @@
-"Lorem ipsum dolor sit amet script>alert(\"hello world\");"
+"Lorem ipsum dolor sit amet <script>alert(\"hello world\");"
2) Failure:
Config::BASIC#test_0006_should clean malicious HTML [/build/ruby-sanitize-2.1.0/test/test_sanitize.rb:253]:
--- expected
+++ actual
@@ -1 +1 @@
-"<b>Lorem</b> <a rel=\"nofollow\">ipsum</a> <a href=\"http://foo.com/\" rel=\"nofollow\"><strong>dolor</strong></a> sit<br>amet script>alert(\"hello world\");"
+"<b>Lorem</b> <a rel=\"nofollow\">ipsum</a> <a href=\"http://foo.com/\" rel=\"nofollow\"><strong>dolor</strong></a> sit<br>amet <script>alert(\"hello world\");"
3) Failure:
Config::RESTRICTED#test_0004_should clean malicious HTML [/build/ruby-sanitize-2.1.0/test/test_sanitize.rb:229]:
--- expected
+++ actual
@@ -1 +1 @@
-"<b>Lorem</b> ipsum <strong>dolor</strong> sit amet script>alert(\"hello world\");"
+"<b>Lorem</b> ipsum <strong>dolor</strong> sit amet <script>alert(\"hello world\");"
4) Failure:
Full Document parser (using clean_document)#test_0008_should wrap malicious with DOCTYPE and HTML tag [/build/ruby-sanitize-2.1.0/test/test_sanitize.rb:315]:
--- expected
+++ actual
@@ -1,3 +1,3 @@
"<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\" \"http://www.w3.org/TR/REC-html40/loose.dtd\">
-<html>Lorem ipsum dolor sit amet script>alert(\"hello world\");</html>
+<html>Lorem ipsum dolor sit amet <script>alert(\"hello world\");</html>
"
5) Failure:
Config::RELAXED#test_0005_should clean malicious HTML [/build/ruby-sanitize-2.1.0/test/test_sanitize.rb:275]:
--- expected
+++ actual
@@ -1 +1 @@
-"<b>Lorem</b> <a title=\"foo\">ipsum</a> <a href=\"http://foo.com/\"><strong>dolor</strong></a> sit<br>amet script>alert(\"hello world\");"
+"<b>Lorem</b> <a title=\"foo\">ipsum</a> <a href=\"http://foo.com/\"><strong>dolor</strong></a> sit<br>amet <script>alert(\"hello world\");"
142 runs, 194 assertions, 5 failures, 0 errors, 0 skips
ERROR: Test "ruby2.2" failed. Exiting.
dh_auto_install: dh_ruby --install /build/ruby-sanitize-2.1.0/debian/ruby-sanitize returned exit code 1
debian/rules:15: recipe for target 'binary' failed
make: *** [binary] Error 1
dpkg-buildpackage: error: fakeroot debian/rules binary gave error exit status 2
[..]
The full build log is attached or can be viewed here:
https://reproducible.debian.net/logs/unstable/amd64/ruby-sanitize_2.1.0-1.build1.log.gz
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` lamby at debian.org / chris-lamb.co.uk
`-
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ruby-sanitize.2.1.0-1.unstable.amd64.log.txt.gz
Type: application/octet-stream
Size: 4975 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-ruby-extras-maintainers/attachments/20151220/90ba2aca/attachment.obj>
More information about the Pkg-ruby-extras-maintainers
mailing list