diff --git a/frappe/utils/html_utils.py b/frappe/utils/html_utils.py index 67a01296c1..3de647894b 100644 --- a/frappe/utils/html_utils.py +++ b/frappe/utils/html_utils.py @@ -1,7 +1,9 @@ from __future__ import unicode_literals import frappe -import json, re -import bleach, bleach_whitelist.bleach_whitelist as bleach_whitelist +import json +import re +import bleach +import bleach_whitelist.bleach_whitelist as bleach_whitelist from six import string_types from bs4 import BeautifulSoup @@ -47,7 +49,7 @@ def clean_script_and_style(html): def sanitize_html(html, linkify=False): """ Sanitize HTML tags, attributes and style to prevent XSS attacks - Based on bleach clean, bleach whitelist and HTML5lib's Sanitizer defaults + Based on bleach clean, bleach whitelist and html5lib's Sanitizer defaults Does not sanitize JSON, as it could lead to future problems """ diff --git a/frappe/utils/pdf.py b/frappe/utils/pdf.py index bc1ad6cef9..58275a5c6c 100644 --- a/frappe/utils/pdf.py +++ b/frappe/utils/pdf.py @@ -16,6 +16,7 @@ import frappe from frappe import _ from frappe.utils import get_wkhtmltopdf_version, scrub_urls + PDF_CONTENT_ERRORS = ["ContentNotFoundError", "ContentOperationNotPermittedError", "UnknownContentError", "RemoteHostClosedError"] diff --git a/requirements.txt b/requirements.txt index e0386fae4c..55a4910056 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,7 +1,7 @@ Babel==2.6.0 beautifulsoup4==4.8.2 bleach-whitelist==0.0.10 -bleach==2.1.4 +bleach==3.1.2 boto3==1.10.18 braintree==3.57.1 chardet==3.0.4 @@ -23,6 +23,7 @@ google-auth==1.7.1 googlemaps==3.1.1 gunicorn==19.10.0 html2text==2016.9.19 +html5lib==1.0.1 ipython==5.9.0 Jinja2==2.10.3 ldap3==2.7
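Review bot: The `html5lib==1.0.1` pin added in the second requirements.txt hunk has no consumer visible in this diff, and it probably does not control the parser behind `sanitize_html`, because bleach 3.x, as far as I know, bundles its own copy of html5lib. If the pin is for a different importer, say so next to it, e.g. `# html5lib: needed by <consumer placeholder>; bleach 3.x uses its bundled copy`. Separately, `bleach==2.1.4` to `bleach==3.1.2` in the first requirements.txt hunk is a major-version change to the library that `sanitize_html` relies on for XSS filtering, and that function's body lies outside the html_utils.py hunks shown. The commit adds no test, so a regression test should assert that the function's current tag, attribute and style allow-lists still produce the same cleaned output under the new version.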