[Git][security-tracker-team/security-tracker][master] record python-cmarkgfm upstream fixes

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8a87eee9 by Moritz Muehlenhoff at 2024-10-26T17:33:22+02:00
record python-cmarkgfm upstream fixes

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -108430,6 +108430,7 @@ CVE-2023-37463 (cmark-gfm is an extended version of the C reference implementati
 	[bullseye] - ruby-commonmarker <no-dsa> (Minor issue)
 	[buster] - ruby-commonmarker <no-dsa> (Minor issue)
 	NOTE: https://github.com/github/cmark-gfm/security/advisories/GHSA-w4qg-3vf7-m9x5
+	NOTE: https://github.com/theacodes/cmarkgfm/commit/acf473a51a9dc3a4fd6d6a4b30e4d80c94d91d4a (2024.1.14)
 CVE-2023-37267 (Umbraco is a ASP.NET CMS. Under rare conditions a restart of Umbraco c ...)
 	NOT-FOR-US: Umbraco
 CVE-2023-35833 (An issue was discovered in YSoft SAFEQ 6 Server before 6.0.82. When mo ...)
@@ -131182,6 +131183,7 @@ CVE-2023-26485 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and re
 	[buster] - ruby-commonmarker <no-dsa> (Minor issue)
 	NOTE: https://github.com/github/cmark-gfm/security/advisories/GHSA-r8vr-c48j-fcc5
 	NOTE: https://github.com/github/cmark-gfm/commit/07a66c9bc341f902878e37d7da8647d6ef150987 (0.29.0.gfm.10)
+	NOTE: https://github.com/theacodes/cmarkgfm/commit/acf473a51a9dc3a4fd6d6a4b30e4d80c94d91d4a (2024.1.14)
 CVE-2023-26484 (KubeVirt is a virtual machine management add-on for Kubernetes. In ver ...)
 	NOT-FOR-US: KubeVirt
 CVE-2023-26483 (gosaml2 is a Pure Go implementation of SAML 2.0. SAML Service Provider ...)
@@ -136376,6 +136378,7 @@ CVE-2023-24824 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and re
 	[buster] - ruby-commonmarker <no-dsa> (Minor issue)
 	NOTE: https://github.com/github/cmark-gfm/security/advisories/GHSA-66g8-4hjf-77xh
 	NOTE: https://github.com/github/cmark-gfm/commit/2300c1bd2c8226108885bf019655c4159cf26b59 (0.29.0.gfm.10)
+	NOTE: https://github.com/theacodes/cmarkgfm/commit/acf473a51a9dc3a4fd6d6a4b30e4d80c94d91d4a (2024.1.14)
 CVE-2023-24823 (RIOT-OS, an operating system that supports Internet of Things devices, ...)
 	NOT-FOR-US: RIOT-OS
 CVE-2023-24822 (RIOT-OS, an operating system that supports Internet of Things devices, ...)
@@ -144091,6 +144094,7 @@ CVE-2023-22486 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and re
 	[buster] - ruby-commonmarker <no-dsa> (Minor issue)
 	NOTE: https://github.com/github/cmark-gfm/security/advisories/GHSA-r572-jvj2-3m8p
 	NOTE: https://github.com/github/cmark-gfm/commit/ece074cc3378f7a8dec0395f00123e9fa6981f7b (0.29.0.gfm.7)
+	NOTE: https://github.com/theacodes/cmarkgfm/commit/acf473a51a9dc3a4fd6d6a4b30e4d80c94d91d4a (2024.1.14)
 CVE-2023-22485 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and renderin ...)
 	- cmark-gfm <unfixed> (bug #1033110)
 	[bookworm] - cmark-gfm <no-dsa> (Minor issue)
@@ -144109,6 +144113,7 @@ CVE-2023-22485 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and re
 	[bullseye] - ruby-commonmarker <no-dsa> (Minor issue)
 	[buster] - ruby-commonmarker <no-dsa> (Minor issue)
 	NOTE: https://github.com/github/cmark-gfm/security/advisories/GHSA-c944-cv5f-hpvr
+	NOTE: https://github.com/theacodes/cmarkgfm/commit/acf473a51a9dc3a4fd6d6a4b30e4d80c94d91d4a (2024.1.14)
 CVE-2023-22484 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and renderin ...)
 	- cmark-gfm <unfixed> (bug #1033110)
 	[bookworm] - cmark-gfm <no-dsa> (Minor issue)
@@ -144127,6 +144132,7 @@ CVE-2023-22484 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and re
 	[bullseye] - ruby-commonmarker <no-dsa> (Minor issue)
 	[buster] - ruby-commonmarker <no-dsa> (Minor issue)
 	NOTE: https://github.com/github/cmark-gfm/security/advisories/GHSA-24f7-9frr-5h2r
+	NOTE: https://github.com/theacodes/cmarkgfm/commit/acf473a51a9dc3a4fd6d6a4b30e4d80c94d91d4a (2024.1.14)
 CVE-2023-22483 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and renderin ...)
 	- cmark-gfm <unfixed> (bug #1033110)
 	[bookworm] - cmark-gfm <no-dsa> (Minor issue)
@@ -144145,6 +144151,7 @@ CVE-2023-22483 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and re
 	[bullseye] - ruby-commonmarker <no-dsa> (Minor issue)
 	[buster] - ruby-commonmarker <no-dsa> (Minor issue)
 	NOTE: https://github.com/github/cmark-gfm/security/advisories/GHSA-29g3-96g3-jg6c
+	NOTE: https://github.com/theacodes/cmarkgfm/commit/acf473a51a9dc3a4fd6d6a4b30e4d80c94d91d4a (2024.1.14)
 CVE-2023-22482 (Argo CD is a declarative, GitOps continuous delivery tool for Kubernet ...)
 	NOT-FOR-US: Argo CD
 CVE-2023-22481 (FreshRSS is a self-hosted RSS feed aggregator. When using the greader  ...)
@@ -174324,6 +174331,7 @@ CVE-2022-39209 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and re
 	NOTE: https://github.com/github/cmark-gfm/security/advisories/GHSA-cgh3-p57x-9q7q
 	NOTE: https://github.com/github/cmark-gfm/commit/cfcaa0068bf319974fdec283416fcee5035c2d70 (0.29.0.gfm.6)
 	NOTE: For ghostwriter just a hang/crash in GUI tool, no security impact
+	NOTE: https://github.com/theacodes/cmarkgfm/commit/d6bb964c5b27ecf5deb76f0d1ce5e9274cb877ff (2022.10.27)
 CVE-2022-39208 (Onedev is an open source, self-hosted Git Server with CI/CD and Kanban ...)
 	NOT-FOR-US: Onedev
 CVE-2022-39207 (Onedev is an open source, self-hosted Git Server with CI/CD and Kanban ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a87eee9bf41386f4298ae5768b93fa04a57b3e3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a87eee9bf41386f4298ae5768b93fa04a57b3e3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241026/d2b217c6/attachment-0001.htm>