[Git][security-tracker-team/security-tracker][master] python-cmarkgfm/CVE-2020-5238 already fixed in sid

Moritz Muehlenhoff (@jmm) jmm at debian.org
Sat Oct 26 16:36:05 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f71096f6 by Moritz Muehlenhoff at 2024-10-26T17:35:32+02:00
python-cmarkgfm/CVE-2020-5238 already fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -366655,8 +366655,7 @@ CVE-2020-5238 (The table extension in GitHub Flavored Markdown before version 0.
 	- cmark-gfm 0.29.0.gfm.2-1 (bug #965984)
 	[bullseye] - cmark-gfm <no-dsa> (Minor issue)
 	[buster] - cmark-gfm <no-dsa> (Minor issue)
-	- python-cmarkgfm <unfixed> (bug #965983)
-	[bookworm] - python-cmarkgfm <no-dsa> (Minor issue)
+	- python-cmarkgfm 0.7.0-1 (bug #965983)
 	[bullseye] - python-cmarkgfm <no-dsa> (Minor issue)
 	[buster] - python-cmarkgfm <no-dsa> (Minor issue)
 	- ruby-commonmarker 0.21.0-1 (bug #965981)
@@ -366669,6 +366668,7 @@ CVE-2020-5238 (The table extension in GitHub Flavored Markdown before version 0.
 	NOTE: https://github.com/github/cmark-gfm/security/advisories/GHSA-7gc6-9qr5-hc85
 	NOTE: https://github.com/github/cmark-gfm/commit/85d895289c5ab67f988ca659493a64abb5fec7b4
 	NOTE: haskell-cmark-gfm switched to src:cmark-gfm in 0.2.1+ds1-1, marking that as fixed (despite cmark-gfm not fixed yet)
+	NOTE: https://github.com/theacodes/cmarkgfm/commit/00b8e84050ee46fd621672cfa0114843fd10e6e5 (0.7.0)
 CVE-2020-5237 (Multiple relative path traversal vulnerabilities in the oneup/uploader ...)
 	NOT-FOR-US: oneup/uploader-bundle
 CVE-2020-5236 (Waitress version 1.4.2 allows a DOS attack When waitress receives a he ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f71096f6a0c785035ca2382f8815b5bdaa33bdf5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f71096f6a0c785035ca2382f8815b5bdaa33bdf5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241026/82837f50/attachment.htm>

More information about the debian-security-tracker-commits mailing list