Debian Package Tracker
Register | Log in
Subscribe

golang-github-gomarkdown-markdown

Markdown parser and HTML renderer for Go

Choose email to subscribe with

general
  • source: golang-github-gomarkdown-markdown (main)
  • version: 0.0~git20231115.a660076-1
  • maintainer: Debian Go Packaging Team (DMD)
  • uploaders: Anthony Fok [DMD]
  • arch: all
  • std-ver: 4.6.2
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • stable: 0.0~git20220731.dcdaee8-2
  • testing: 0.0~git20231115.a660076-1
  • unstable: 0.0~git20231115.a660076-1
versioned links
  • 0.0~git20220731.dcdaee8-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 0.0~git20231115.a660076-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • golang-github-gomarkdown-markdown-dev
action needed
A new upstream version is available: 0.0~git20250311.531bef5 high
A new upstream version 0.0~git20250311.531bef5 is available, you should consider packaging it.
Created: 2023-12-24 Last update: 2025-05-16 07:04
1 security issue in trixie high

There is 1 open security issue in trixie.

1 important issue:
  • CVE-2024-44337: The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion `v0.0.0-20240729232818-a2a9c4f`, which corresponds with commit `a2a9c4f76ef5a5c32108e36f7c47f8d310322252`, there was a logical problem in the paragraph function of the parser/block.go file, which allowed a remote attacker to cause a denial of service (DoS) condition by providing a tailor-made input that caused an infinite loop, causing the program to hang and consume resources indefinitely. Submit `a2a9c4f76ef5a5c32108e36f7c47f8d310322252` contains fixes to this problem.
Created: 2024-10-18 Last update: 2025-02-27 05:02
1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:
  • CVE-2024-44337: The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion `v0.0.0-20240729232818-a2a9c4f`, which corresponds with commit `a2a9c4f76ef5a5c32108e36f7c47f8d310322252`, there was a logical problem in the paragraph function of the parser/block.go file, which allowed a remote attacker to cause a denial of service (DoS) condition by providing a tailor-made input that caused an infinite loop, causing the program to hang and consume resources indefinitely. Submit `a2a9c4f76ef5a5c32108e36f7c47f8d310322252` contains fixes to this problem.
Created: 2024-10-18 Last update: 2025-02-27 05:02
lintian reports 1 warning normal
Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.
Created: 2022-08-16 Last update: 2023-02-02 01:03
2 low-priority security issues in bookworm low

There are 2 open security issues in bookworm.

2 issues left for the package maintainer to handle:
  • CVE-2023-42821: (needs triaging) The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion `0.0.0-20230922105210-14b16010c2ee`, which corresponds with commit `14b16010c2ee7ff33a940a541d993bd043a88940`, parsing malformed markdown input with parser that uses parser.Mmark extension could result in out-of-bounds read vulnerability. To exploit the vulnerability, parser needs to have `parser.Mmark` extension set. The panic occurs inside the `citation.go` file on the line 69 when the parser tries to access the element past its length. This can result in a denial of service. Commit `14b16010c2ee7ff33a940a541d993bd043a88940`/pseudoversion `0.0.0-20230922105210-14b16010c2ee` contains a patch for this issue.
  • CVE-2024-44337: (needs triaging) The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion `v0.0.0-20240729232818-a2a9c4f`, which corresponds with commit `a2a9c4f76ef5a5c32108e36f7c47f8d310322252`, there was a logical problem in the paragraph function of the parser/block.go file, which allowed a remote attacker to cause a denial of service (DoS) condition by providing a tailor-made input that caused an infinite loop, causing the program to hang and consume resources indefinitely. Submit `a2a9c4f76ef5a5c32108e36f7c47f8d310322252` contains fixes to this problem.

You can find information about how to handle these issues in the security team's documentation.

Created: 2023-09-24 Last update: 2025-02-27 05:02
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.2 instead of 4.6.2).
Created: 2024-04-07 Last update: 2025-02-27 13:25
news
[rss feed]
  • [2023-12-24] golang-github-gomarkdown-markdown 0.0~git20231115.a660076-1 MIGRATED to testing (Debian testing watch)
  • [2023-12-20] Accepted golang-github-gomarkdown-markdown 0.0~git20231115.a660076-1 (source) into unstable (Anthony Fok)
  • [2022-08-18] golang-github-gomarkdown-markdown 0.0~git20220731.dcdaee8-2 MIGRATED to testing (Debian testing watch)
  • [2022-08-16] Accepted golang-github-gomarkdown-markdown 0.0~git20220731.dcdaee8-2 (source) into unstable (Anthony Fok)
  • [2022-08-16] Accepted golang-github-gomarkdown-markdown 0.0~git20220731.dcdaee8-1 (source all) into unstable, unstable (Debian FTP Masters) (signed by: Anthony Fok)
bugs [bug history graph]
  • all: 1
  • RC: 0
  • I&N: 1
  • M&W: 0
  • F&P: 0
  • patch: 0
links
  • homepage
  • lintian (0, 1)
  • buildd: logs, reproducibility
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • debci
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 0.0~git20231115.a660076-1

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing