FEDORA-2022-1f981071eb — security update for ghc-cmark-gfm, ghc-hakyll, & 4 more

stable

ghc-cmark-gfm-0.2.3-1.fc34, ghc-hakyll-4.13.4.0-5.1.fc34, & 4 more

FEDORA-2022-1f981071eb created by petersen 3 years ago for Fedora 34

Security fix for CVE-2022-24724

https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x
fixed upstream in Haskell cmark-gfm-0.2.3 in bundled cmark-gfm-0.29.0.gfm.3 C library
pandoc-citeproc: update HsYAML-aeson to 0.2.0.1

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2022-1f981071eb

This update's test gating status has been changed to 'waiting'.

3 years ago

This update has been submitted for testing by bodhi.

3 years ago

This update's test gating status has been changed to 'ignored'.

3 years ago

petersen edited this update.

3 years ago

petersen edited this update.

3 years ago

This update has been pushed to testing.

3 years ago

This update has been submitted for stable by bodhi.

3 years ago

This update has been pushed to stable.

3 years ago

Please login to add feedback.

Metadata

Type

security

Severity

high

Karma

Signed

Content Type

RPM

Test Gating

ignored

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

7 days

Dates

submitted

3 years ago

in testing

3 years ago

in stable

3 years ago

modified

3 years ago

Builds

ghc-cmark-gfm-0.2.3-1.fc34

ghc-hakyll-4.13.4.0-5.1.fc34

gitit-0.13.0.0-5.1.fc34

pandoc-2.9.2.1-10.fc34

pandoc-citeproc-0.17.0.1-5.fc34

patat-0.8.6.1-1.1.fc34

BZ#2060662 CVE-2022-24724 cmark-gfm: possible RCE due to integer overflow

BZ#2060663 CVE-2022-24724 ghc-cmark-gfm: cmark-gfm: possible RCE due to integer overflow [fedora-34]

ghc-cmark-gfm-0.2.3-1.fc34

ghc-hakyll-4.13.4.0-5.1.fc34

gitit-0.13.0.0-5.1.fc34

pandoc-2.9.2.1-10.fc34

pandoc-citeproc-0.17.0.1-5.fc34

patat-0.8.6.1-1.1.fc34

Automated Test Results

ignored