FEDORA-2020-fe299b3fa3 — security update for ghc-cmark-gfm, ghc-hakyll, & 4 more

stable

ghc-cmark-gfm-0.2.2-1.fc31, ghc-hakyll-4.12.5.2-2.fc31, & 4 more

FEDORA-2020-fe299b3fa3 created by petersen 4 years ago for Fedora 31

Security fix for CVE-2020-5238

ghc-cmark-gfm updated to 0.2.2 which rebases the bundled cmark-gfm to 0.29.0.gfm.1

https://github.com/github/cmark-gfm/security/advisories/GHSA-7gc6-9qr5-hc85

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2020-fe299b3fa3

This update's test gating status has been changed to 'waiting'.

4 years ago

petersen edited this update.

4 years ago

This update's test gating status has been changed to 'ignored'.

4 years ago

This update has been submitted for testing by mattia.

4 years ago

This update has been pushed to testing.

4 years ago

This update can be pushed to stable now if the maintainer wishes

4 years ago

This update has been submitted for stable by bodhi.

4 years ago

This update has been pushed to stable.

4 years ago

Please log in to add feedback.

Metadata

Type

security

Severity

medium

Karma

Signed

Content Type

RPM

Test Gating

ignored

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

7 days

Dates

submitted

4 years ago

in testing

4 years ago

in stable

4 years ago

modified

4 years ago

Builds

ghc-cmark-gfm-0.2.2-1.fc31

ghc-hakyll-4.12.5.2-2.fc31

gitit-0.12.3.2-4.fc31

pandoc-2.5-2.fc31

pandoc-citeproc-0.15.0.1-2.fc31

patat-0.8.2.3-2.fc31

BZ#1854328 CVE-2020-5238 cmark: Exponential time to parse certain inputs could lead to DoS.

BZ#1854329 CVE-2020-5238 ghc-cmark-gfm: cmark: Exponential time to parse certain inputs could lead to DoS. [fedora-all]

ghc-cmark-gfm-0.2.2-1.fc31

ghc-hakyll-4.12.5.2-2.fc31

gitit-0.12.3.2-4.fc31

pandoc-2.5-2.fc31

pandoc-citeproc-0.15.0.1-2.fc31

patat-0.8.2.3-2.fc31

Automated Test Results

ignored