You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa discount

Sigurnosni nedostaci programskog paketa discount

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2018-09-06 03:07:22.671199

Name : discount
Product : Fedora 28
Version : 2.2.4
Release : 1.fc28
Summary : A command-line utility for converting Markdown files into HTML
Description :
DISCOUNT is an implementation of John Gruber’s Markdown language in C.
It includes all of the original Markdown features, along with a few
extensions, and passes the Markdown test suite.

Update Information:

Upstream version 2.2.4

* Thu Aug 23 2018 Greg Hellings <> – 2.2.4-1
– Upstream version 2.2.4
– Addresses multiple serious bugs
* Wed Jul 25 2018 Greg Hellings <> – 2.2.3-1
– Upstream version 2.2.3
– Added BR for gcc to build with F29

[ 1 ] Bug #1582640 – CVE-2018-11468 discount: heap-based buffer over-read __mkd_trim_line function in mkdio.c
[ 2 ] Bug #1583001 – CVE-2018-11503 discount: Heap-based buffer-overflow in markdown.c:isfootnote() allows for denial of service
[ 3 ] Bug #1583005 – CVE-2018-11504 discount: Heap-based buffer-overflow in markdown.c:islist() allows for denial of service
[ 4 ] Bug #1592866 – CVE-2018-12495 discount: heap-based buffer over-read via a crafted file

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2018-38bdbafa96’ at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to
Fedora Code of Conduct:
List Guidelines:
List Archives:

AutorZvonimir Bosnjak
Cert idNCERT-REF-2018-09-0001-ADV
More in Preporuke
Sigurnosni nedostatak programskog paketa tcpflow

Otkriven je sigurnosni nedostatak u programskom paketu tcpflow za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje otkrivanje osjetljivih informacija...