[DRE-maint] Bug#965981: CVE-2020-5238

Moritz Muehlenhoff jmm at debian.org
Tue Jul 21 20:26:27 BST 2020

Previous message (by thread): [DRE-maint] ruby-kramdown_2.3.0-1_source.changes ACCEPTED into experimental
Next message (by thread): [DRE-maint] ruby-delayed-job-active-record 4.1.4-1 MIGRATED to testing
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Package: ruby-commonmarker
Severity: important
Tags: security

This was assigned CVE-2020-5238
https://github.com/github/cmark-gfm/security/advisories/GHSA-7gc6-9qr5-hc85
https://github.com/github/cmark-gfm/commit/85d895289c5ab67f988ca659493a64abb5fec7b4

And ruby-commonmarker seems to embed a copy of cmark-gfm.

Cheers,
        Moritz

Previous message (by thread): [DRE-maint] ruby-kramdown_2.3.0-1_source.changes ACCEPTED into experimental
Next message (by thread): [DRE-maint] ruby-delayed-job-active-record 4.1.4-1 MIGRATED to testing
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Pkg-ruby-extras-maintainers mailing list