cmark-gfm - Debian Package Tracker

1 security issue in sid high

1 important issue:

CVE-2020-5238: The table extension in GitHub Flavored Markdown before version 0.29.0.gfm.1 takes O(n * n) time to parse certain inputs. An attacker could craft a markdown table which would take an unreasonably long time to process, causing a denial of service. This issue does not affect the upstream cmark project. The issue has been fixed in version 0.29.0.gfm.1.

Created: 2021-02-19 Last update: 2021-08-15 00:00

1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:

CVE-2020-5238: The table extension in GitHub Flavored Markdown before version 0.29.0.gfm.1 takes O(n * n) time to parse certain inputs. An attacker could craft a markdown table which would take an unreasonably long time to process, causing a denial of service. This issue does not affect the upstream cmark project. The issue has been fixed in version 0.29.0.gfm.1.

Created: 2021-08-15 Last update: 2021-08-15 00:00

1 low-priority security issue in buster low

1 issue left for the package maintainer to handle:

CVE-2020-5238: (needs triaging) The table extension in GitHub Flavored Markdown before version 0.29.0.gfm.1 takes O(n * n) time to parse certain inputs. An attacker could craft a markdown table which would take an unreasonably long time to process, causing a denial of service. This issue does not affect the upstream cmark project. The issue has been fixed in version 0.29.0.gfm.1.

You can find information about how to handle this issue in the security team's documentation.

Created: 2021-02-19 Last update: 2021-08-15 00:00

1 low-priority security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue left for the package maintainer to handle:

CVE-2020-5238: (needs triaging) The table extension in GitHub Flavored Markdown before version 0.29.0.gfm.1 takes O(n * n) time to parse certain inputs. An attacker could craft a markdown table which would take an unreasonably long time to process, causing a denial of service. This issue does not affect the upstream cmark project. The issue has been fixed in version 0.29.0.gfm.1.

You can find information about how to handle this issue in the security team's documentation.

Created: 2021-08-14 Last update: 2021-08-15 00:00

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2018-10-24 Last update: 2019-04-23 02:06

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.0 instead of 4.5.0).

Created: 2020-11-17 Last update: 2021-08-18 14:03