[Git][security-tracker-team/security-tracker][master] cmark-gfm fixed in sid

Moritz Muehlenhoff (@jmm) jmm at debian.org
Sun Jan 5 13:34:12 GMT 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
efb05fac by Moritz Muehlenhoff at 2025-01-05T14:33:11+01:00
cmark-gfm fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -128622,7 +128622,7 @@ CVE-2023-37744 (Maid Hiring Management System v1.0 was discovered to contain a c
 CVE-2023-37743 (A cross-site scripting (XSS) vulnerability in Teacher Subject Allocati ...)
 	NOT-FOR-US: Teacher Subject Allocation System
 CVE-2023-37463 (cmark-gfm is an extended version of the C reference implementation of  ...)
-	- cmark-gfm <unfixed> (bug #1041097)
+	- cmark-gfm 0.29.0.gfm.13-1 (bug #1041097)
 	[bookworm] - cmark-gfm <no-dsa> (Minor issue)
 	[bullseye] - cmark-gfm <no-dsa> (Minor issue)
 	[buster] - cmark-gfm <no-dsa> (Minor issue)
@@ -151383,7 +151383,7 @@ CVE-2023-26487 (Vega is a visualization grammar, a declarative format for creati
 CVE-2023-26486 (Vega is a visualization grammar, a declarative format for creating, sa ...)
 	NOT-FOR-US: Vega
 CVE-2023-26485 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and renderin ...)
-	- cmark-gfm <unfixed> (bug #1034171)
+	- cmark-gfm 0.29.0.gfm.13-1 (bug #1034171)
 	[bookworm] - cmark-gfm <no-dsa> (Minor issue)
 	[bullseye] - cmark-gfm <no-dsa> (Minor issue)
 	[buster] - cmark-gfm <no-dsa> (Minor issue)
@@ -156577,7 +156577,7 @@ CVE-2023-24826 (RIOT-OS, an operating system for Internet of Things (IoT) device
 CVE-2023-24825 (RIOT-OS, an operating system for Internet of Things (IoT) devices, con ...)
 	NOT-FOR-US: RIOT-OS
 CVE-2023-24824 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and renderin ...)
-	- cmark-gfm <unfixed> (bug #1034171)
+	- cmark-gfm 0.29.0.gfm.13-1 (bug #1034171)
 	[bookworm] - cmark-gfm <no-dsa> (Minor issue)
 	[bullseye] - cmark-gfm <no-dsa> (Minor issue)
 	[buster] - cmark-gfm <no-dsa> (Minor issue)
@@ -164296,7 +164296,7 @@ CVE-2023-22488 (Flarum is a forum software for building communities. Using the n
 CVE-2023-22487 (Flarum is a forum software for building communities. Using the mention ...)
 	NOT-FOR-US: Flarum
 CVE-2023-22486 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and renderin ...)
-	- cmark-gfm <unfixed> (bug #1033110)
+	- cmark-gfm 0.29.0.gfm.13-1 (bug #1033110)
 	[bookworm] - cmark-gfm <no-dsa> (Minor issue)
 	[bullseye] - cmark-gfm <no-dsa> (Minor issue)
 	[buster] - cmark-gfm <no-dsa> (Minor issue)
@@ -164317,7 +164317,7 @@ CVE-2023-22486 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and re
 	NOTE: https://github.com/theacodes/cmarkgfm/commit/acf473a51a9dc3a4fd6d6a4b30e4d80c94d91d4a (2024.1.14)
 	NOTE: r-cran-commonmark: https://github.com/r-lib/commonmark/commit/e7a1703cf293eaa898e6f0cf07d278cfb05590eb (v1.9.0)
 CVE-2023-22485 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and renderin ...)
-	- cmark-gfm <unfixed> (bug #1033110)
+	- cmark-gfm 0.29.0.gfm.13-1 (bug #1033110)
 	[bookworm] - cmark-gfm <no-dsa> (Minor issue)
 	[bullseye] - cmark-gfm <no-dsa> (Minor issue)
 	[buster] - cmark-gfm <no-dsa> (Minor issue)
@@ -164337,7 +164337,7 @@ CVE-2023-22485 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and re
 	NOTE: https://github.com/theacodes/cmarkgfm/commit/acf473a51a9dc3a4fd6d6a4b30e4d80c94d91d4a (2024.1.14)
 	NOTE: r-cran-commonmark: https://github.com/r-lib/commonmark/commit/e7a1703cf293eaa898e6f0cf07d278cfb05590eb (v1.9.0)
 CVE-2023-22484 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and renderin ...)
-	- cmark-gfm <unfixed> (bug #1033110)
+	- cmark-gfm 0.29.0.gfm.13-1 (bug #1033110)
 	[bookworm] - cmark-gfm <no-dsa> (Minor issue)
 	[bullseye] - cmark-gfm <no-dsa> (Minor issue)
 	[buster] - cmark-gfm <no-dsa> (Minor issue)
@@ -164357,7 +164357,7 @@ CVE-2023-22484 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and re
 	NOTE: https://github.com/theacodes/cmarkgfm/commit/acf473a51a9dc3a4fd6d6a4b30e4d80c94d91d4a (2024.1.14)
 	NOTE: r-cran-commonmark: https://github.com/r-lib/commonmark/commit/e7a1703cf293eaa898e6f0cf07d278cfb05590eb (v1.9.0)
 CVE-2023-22483 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and renderin ...)
-	- cmark-gfm <unfixed> (bug #1033110)
+	- cmark-gfm 0.29.0.gfm.13-1 (bug #1033110)
 	[bookworm] - cmark-gfm <no-dsa> (Minor issue)
 	[bullseye] - cmark-gfm <no-dsa> (Minor issue)
 	[buster] - cmark-gfm <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/efb05facaf1e4f50bc083d039157639879af8094

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/efb05facaf1e4f50bc083d039157639879af8094
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250105/64094908/attachment.htm>

More information about the debian-security-tracker-commits mailing list