Security fix for CVE-2022-24724 – https://github.com/github/cmark- gfm/security/advisories/GHSA-mc3g-88wq-6f4x – fixed upstream in Haskell cmark- gfm-0.2.3 in bundled cmark-gfm-0.29.0.gfm.3 C library – pandoc-citeproc: update HsYAML-aeson to 0.2.0.1
Archive for April 1st, 2022
4 results.
Comment
Security fix for CVE-2022-21698, skopeo likely not directly impacted
Security fix for CVE-2022-24724 – https://github.com/github/cmark- gfm/security/advisories/GHSA-mc3g-88wq-6f4x – fixed upstream in Haskell cmark- gfm-0.2.3 in bundled cmark-gfm-0.29.0.gfm.3 C library – pandoc-citeproc: update HsYAML-aeson to 0.2.0.1
Danilo Ramos discovered that incorrect memory handling in zlib’s deflate handling could result in denial of service or potentially the execution of arbitrary code if specially crafted input is processed.