Security vulnerabilities in the pandoc and pandoc-citeproc software packages

  • OS details: WN7
  • Severity: IMP
  • Operating systems: L
  • Categories: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2020-1eaffe0013
2020-10-06 15:02:13.246044
——————————————————————————–

Name : pandoc-citeproc
Product : Fedora 32
Version : 0.16.2
Release : 2.fc32
URL : https://hackage.haskell.org/package/pandoc-citeproc
Summary : Citeproc support for pandoc
Description :
The pandoc-citeproc library supports automatic generation of citations and a
bibliography in pandoc documents using the Citation Style Language (CSL) macro
language. More details on CSL can be found at <http://citationstyles.org/>.

In addition to a library, the package includes an executable, pandoc-citeproc,
which works as a pandoc filter and also has a mode for converting bibliographic
databases into CSL JSON and pandoc YAML metadata formats.

pandoc-citeproc originated as a fork of Andrea Rossato’s citeproc-hs.

——————————————————————————–
Update Information:

Security fix for CVE-2020-5238 – ghc-cmark-gfm updated to 0.2.2 which rebases
the bundled cmark-gfm to 0.29.0.gfm.1 – also update hakyll to 4.13.4.0
https://github.com/github/cmark-gfm/security/advisories/GHSA-7gc6-9qr5-hc85
——————————————————————————–
ChangeLog:

* Mon Sep 21 2020 Jens Petersen <petersen@redhat.com> – 0.16.2-2
– rebuild for cmark-gfm-0.2.2: fixes exponential parse (#1854329)
——————————————————————————–
References:

[ 1 ] Bug #1854328 – CVE-2020-5238 cmark: Exponential time to parse certain inputs could lead to DoS.
https://bugzilla.redhat.com/show_bug.cgi?id=1854328
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-1eaffe0013' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2020-1eaffe0013
2020-10-06 15:02:13.246044
——————————————————————————–

Name : pandoc
Product : Fedora 32
Version : 2.7.3
Release : 4.fc32
URL : https://hackage.haskell.org/package/pandoc
Summary : Conversion between markup formats
Description :
Pandoc is a Haskell library for converting from one markup format to another,
and a command-line tool that uses this library. It can read several dialects of
Markdown and (subsets of) HTML, reStructuredText, LaTeX, DocBook, JATS,
MediaWiki markup, DokuWiki markup, TWiki markup, TikiWiki markup, Creole 1.0,
Haddock markup, OPML, Emacs Org-Mode, Emacs Muse, txt2tags, ipynb (Jupyter
notebooks), Vimwiki, Word Docx, ODT, EPUB, FictionBook2, roff man, and Textile,
and it can write Markdown, reStructuredText, XHTML, HTML 5, LaTeX, ConTeXt,
DocBook, JATS, OPML, TEI, OpenDocument, ODT, Word docx, PowerPoint pptx, RTF,
MediaWiki, DokuWiki, XWiki, ZimWiki, Textile, Jira, roff man, roff ms, plain
text, Emacs Org-Mode, AsciiDoc, Haddock markup, EPUB (v2 and v3), ipynb,
FictionBook2, InDesign ICML, Muse, LaTeX beamer slides, and several kinds of
HTML/JavaScript slide shows (S5, Slidy, Slideous, DZSlides, reveal.js).

In contrast to most existing tools for converting Markdown to HTML, pandoc has
a modular design: it consists of a set of readers, which parse text in a given
format and produce a native representation of the document, and a set of
writers, which convert this native representation into a target format.
Thus, adding an input or output format requires only adding a reader or writer.

For pdf output please also install pandoc-pdf or weasyprint.

——————————————————————————–
Update Information:

Security fix for CVE-2020-5238 – ghc-cmark-gfm updated to 0.2.2 which rebases
the bundled cmark-gfm to 0.29.0.gfm.1 – also update hakyll to 4.13.4.0
https://github.com/github/cmark-gfm/security/advisories/GHSA-7gc6-9qr5-hc85
——————————————————————————–
ChangeLog:

* Mon Sep 21 2020 Jens Petersen <petersen@redhat.com> – 2.7.3-4
– rebuild for cmark-gfm-0.2.2: fixes exponential parse (#1854329)
——————————————————————————–
References:

[ 1 ] Bug #1854328 – CVE-2020-5238 cmark: Exponential time to parse certain inputs could lead to DoS.
https://bugzilla.redhat.com/show_bug.cgi?id=1854328
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-1eaffe0013' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–

——————————————————————————–
Fedora Update Notification
FEDORA-2020-fe299b3fa3
2020-10-06 15:06:57.555099
——————————————————————————–

Name : pandoc
Product : Fedora 31
Version : 2.5
Release : 2.fc31
URL : https://hackage.haskell.org/package/pandoc
Summary : Conversion between markup formats
Description :
Pandoc is a Haskell library for converting from one markup format to another,
and a command-line tool that uses this library. It can read several dialects of
Markdown and (subsets of) HTML, reStructuredText, LaTeX, DocBook, JATS,
MediaWiki markup, TWiki markup, TikiWiki markup, Creole 1.0, Haddock markup,
OPML, Emacs Org-Mode, Emacs Muse, txt2tags, Vimwiki, Word Docx, ODT, EPUB,
FictionBook2, roff man, and Textile, and it can write Markdown,
reStructuredText, XHTML, HTML 5, LaTeX, ConTeXt, DocBook, JATS, OPML, TEI,
OpenDocument, ODT, Word docx, PowerPoint pptx, RTF, MediaWiki, DokuWiki,
ZimWiki, Textile, roff man, roff ms, plain text, Emacs Org-Mode, AsciiDoc,
Haddock markup, EPUB (v2 and v3), FictionBook2, InDesign ICML, Muse, LaTeX
beamer slides, and several kinds of HTML/JavaScript slide shows (S5, Slidy,
Slideous, DZSlides, reveal.js).

In contrast to most existing tools for converting Markdown to HTML, pandoc has
a modular design: it consists of a set of readers, which parse text in a given
format and produce a native representation of the document, and a set of
writers, which convert this native representation into a target format.
Thus, adding an input or output format requires only adding a reader or writer.

For pdf output please also install pandoc-pdf or weasyprint.

——————————————————————————–
Update Information:

Security fix for CVE-2020-5238 – ghc-cmark-gfm updated to 0.2.2 which rebases
the bundled cmark-gfm to 0.29.0.gfm.1
https://github.com/github/cmark-gfm/security/advisories/GHSA-7gc6-9qr5-hc85
——————————————————————————–
ChangeLog:

* Mon Sep 21 2020 Jens Petersen <petersen@redhat.com> – 2.5-2
– rebuild for cmark-gfm-0.2.2: fixes exponential parse (#1854329)
——————————————————————————–
References:

[ 1 ] Bug #1854328 – CVE-2020-5238 cmark: Exponential time to parse certain inputs could lead to DoS.
https://bugzilla.redhat.com/show_bug.cgi?id=1854328
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-fe299b3fa3' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–

——————————————————————————–
Fedora Update Notification
FEDORA-2020-fe299b3fa3
2020-10-06 15:06:57.555099
——————————————————————————–

Name : pandoc-citeproc
Product : Fedora 31
Version : 0.15.0.1
Release : 2.fc31
URL : https://hackage.haskell.org/package/pandoc-citeproc
Summary : Citeproc support for pandoc
Description :
The pandoc-citeproc library supports automatic generation of citations and a
bibliography in pandoc documents using the Citation Style Language (CSL) macro
language. More details on CSL can be found at <http://citationstyles.org/>.

In addition to a library, the package includes an executable, pandoc-citeproc,
which works as a pandoc filter and also has a mode for converting bibliographic
databases into CSL JSON and pandoc YAML metadata formats.

pandoc-citeproc originated as a fork of Andrea Rossato’s citeproc-hs.

——————————————————————————–
Update Information:

Security fix for CVE-2020-5238 – ghc-cmark-gfm updated to 0.2.2 which rebases
the bundled cmark-gfm to 0.29.0.gfm.1
https://github.com/github/cmark-gfm/security/advisories/GHSA-7gc6-9qr5-hc85
——————————————————————————–
ChangeLog:

* Thu Sep 24 2020 Jens Petersen <petersen@redhat.com> – 0.15.0.1-2
– rebuild for cmark-gfm-0.2.2: fixes exponential parse (#1854329)
——————————————————————————–
References:

[ 1 ] Bug #1854328 – CVE-2020-5238 cmark: Exponential time to parse certain inputs could lead to DoS.
https://bugzilla.redhat.com/show_bug.cgi?id=1854328
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-fe299b3fa3' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–

Author: Bruno Varga
CERT ID: NCERT-REF-2020-10-0001-ADV
Source: Adobe