mathjax - Debian Package Tracker

general

source: mathjax (main)
version: 2.7.9+dfsg-1
maintainer: Dmitry Shachnev (DMD)
uploaders: Debian Javascript Maintainers (archive) [DMD]
arch: all
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2.7.4+dfsg-1
oldstable: 2.7.9+dfsg-1
stable: 2.7.9+dfsg-1
testing: 2.7.9+dfsg-1
unstable: 2.7.9+dfsg-1

versioned links

2.7.4+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.7.9+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

fonts-mathjax (1 bugs: 0, 1, 0, 0)
fonts-mathjax-extras
libjs-mathjax (1 bugs: 0, 1, 0, 0)

action needed

Problems while searching for a new upstream version high

uscan had problems while searching for a new upstream version:

In debian/watch no matching files for watch line
  https://github.com/mathjax/MathJax/releases .*/archive/v?(2\..*).tar.gz

Created: 2021-03-22 Last update: 2023-12-09 07:04

1 security issue in trixie high

There is 1 open security issue in trixie.

1 important issue:

CVE-2023-39663: Mathjax up to v2.7.9 was discovered to contain two Regular expression Denial of Service (ReDoS) vulnerabilities in MathJax.js via the components pattern and markdownPattern. NOTE: the vendor disputes this because the regular expressions are not applied to user input; thus, there is no risk.

Created: 2023-09-03 Last update: 2023-11-08 06:08

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2023-39663: Mathjax up to v2.7.9 was discovered to contain two Regular expression Denial of Service (ReDoS) vulnerabilities in MathJax.js via the components pattern and markdownPattern. NOTE: the vendor disputes this because the regular expressions are not applied to user input; thus, there is no risk.

Created: 2023-09-03 Last update: 2023-11-08 06:08

lintian reports 257 errors and 8 warnings high

Lintian reports 257 errors and 8 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2022-07-30 Last update: 2022-07-30 12:15

Depends on packages which need a new maintainer normal

The packages that mathjax depends on which need a new maintainer are:

fonts-stix (#1050247)
- Suggests: fonts-stix

Created: 2023-08-22 Last update: 2023-12-09 09:04

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 2.7.9+dfsg-2, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 20ce9a799c226565d306be87ed8733f9ace1817b
Merge: e86a6b7 79c6e54
Author: Yadd <yadd@debian.org>
Date:   Thu Nov 24 10:06:34 2022 +0000

    Merge branch 'scrub-obsolete' into 'debian/sid'
    
    Remove unnecessary constraints
    
    See merge request js-team/mathjax!3

commit 79c6e543dd6141ac1f51c273384980762261db1e
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Tue Oct 25 08:23:42 2022 +0000

    Remove constraints unnecessary since buster (oldstable)
    
    * libjs-mathjax: Drop versioned constraint on fonts-mathjax in Depends.
    
    Changes-By: deb-scrub-obsolete

commit e86a6b72c9b0763e32255d9b880f9c33abeea01c
Author: Dmitry Shachnev <mitya57@debian.org>
Date:   Mon May 10 20:34:19 2021 +0300

    Update debian/watch for new GitHub URLs.

commit cbd32723eee9e331b7f05bd3d5ba59ff7c4d8e79
Author: Xavier Guimard <yadd@debian.org>
Date:   Tue Dec 1 10:13:05 2020 +0100

    Update d/ch

commit 7f834039a13d3f490a525f4148fb41c4fd1eee11
Author: Xavier Guimard <yadd@debian.org>
Date:   Tue Dec 1 10:12:27 2020 +0100

    Enable CI
    
    Gbp-Dch: ignore

commit 906854670e34aa5164329286de66ceddde9b8728
Author: Xavier Guimard <yadd@debian.org>
Date:   Tue Dec 1 10:12:22 2020 +0100

    Modernize debian/watch

commit 0de33c7e99c3b34e8de3c94b7d32e376df11ad01
Author: Xavier Guimard <yadd@debian.org>
Date:   Tue Dec 1 10:12:22 2020 +0100

    Add debian/gbp.conf

commit 48ab1dfab5ad63ec7d741c3f21b0f1b839102a49
Author: Xavier Guimard <yadd@debian.org>
Date:   Tue Dec 1 10:12:22 2020 +0100

    Change section to javascript

commit a9a0d737a2704aa3e02c8693e0d98ee07bc9093b
Author: Xavier Guimard <yadd@debian.org>
Date:   Tue Dec 1 10:12:22 2020 +0100

    Declare compliance with policy 4.5.1

commit b4a5508146d8bd115ee47ee98988e7eff152b366
Author: Xavier Guimard <yadd@debian.org>
Date:   Tue Dec 1 10:12:18 2020 +0100

    Change Maintainer to Pkg-JS Team
    
    Closes: #950424

commit f9121b311dd74b8820a6f06af7afd8cfcf67f7d1
Merge: 34873b3 78decad
Author: Jelmer Vernooĳ <jelmer@debian.org>
Date:   Thu Oct 22 21:10:36 2020 +0000

    Merge branch 'lintian-fixes' into 'debian/sid'
    
    Fix some issues reported by lintian
    
    See merge request js-team/mathjax!2

commit 78decad7d1d540ba89f751df9ce2d7e2cd1274c0
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Fri Sep 18 09:52:04 2020 +0000

    Set upstream metadata fields: Bug-Submit, Repository, Repository-Browse.
    
    Changes-By: lintian-brush
    Fixes: lintian: upstream-metadata-missing-bug-tracking
    See-also: https://lintian.debian.org/tags/upstream-metadata-missing-bug-tracking.html
    Fixes: lintian: upstream-metadata-missing-repository
    See-also: https://lintian.debian.org/tags/upstream-metadata-missing-repository.html

Created: 2020-10-22 Last update: 2023-12-07 00:37

1 low-priority security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue left for the package maintainer to handle:

CVE-2023-39663: (needs triaging) Mathjax up to v2.7.9 was discovered to contain two Regular expression Denial of Service (ReDoS) vulnerabilities in MathJax.js via the components pattern and markdownPattern. NOTE: the vendor disputes this because the regular expressions are not applied to user input; thus, there is no risk.

You can find information about how to handle this issue in the security team's documentation.

Created: 2023-09-03 Last update: 2023-11-08 06:08

1 low-priority security issue in bookworm low

There is 1 open security issue in bookworm.

1 issue left for the package maintainer to handle:

CVE-2023-39663: (needs triaging) Mathjax up to v2.7.9 was discovered to contain two Regular expression Denial of Service (ReDoS) vulnerabilities in MathJax.js via the components pattern and markdownPattern. NOTE: the vendor disputes this because the regular expressions are not applied to user input; thus, there is no risk.

You can find information about how to handle this issue in the security team's documentation.

Created: 2023-09-03 Last update: 2023-11-08 06:08

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.2 instead of 4.5.0).

Created: 2020-11-17 Last update: 2022-12-17 19:18

news

[rss feed]

[2020-09-01] mathjax 2.7.9+dfsg-1 MIGRATED to testing (Debian testing watch)
[2020-08-26] Accepted mathjax 2.7.9+dfsg-1 (source) into unstable (Dmitry Shachnev)
[2020-05-28] mathjax 2.7.8+dfsg-1 MIGRATED to testing (Debian testing watch)
[2020-05-23] Accepted mathjax 2.7.8+dfsg-1 (source) into unstable (Dmitry Shachnev)
[2018-05-21] mathjax 2.7.4+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-05-15] Accepted mathjax 2.7.4+dfsg-1 (source) into unstable (Dmitry Shachnev)
[2018-03-05] mathjax 2.7.3+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-02-27] Accepted mathjax 2.7.3+dfsg-1 (source) into unstable (Dmitry Shachnev)
[2018-01-03] mathjax 2.7.2+dfsg-1 MIGRATED to testing (Debian testing watch)
[2017-12-29] Accepted mathjax 2.7.2+dfsg-1 (source) into unstable (Dmitry Shachnev)
[2017-03-15] Accepted mathjax 2.7.0-1~bpo8+1 (source all) into jessie-backports->backports-policy, jessie-backports (Andreas Tille)
[2017-03-13] mathjax 2.7.0-2 MIGRATED to testing (Debian testing watch)
[2017-03-02] Accepted mathjax 2.7.0-2 (source) into unstable (Dmitry Shachnev)
[2016-10-24] mathjax 2.7.0-1 MIGRATED to testing (Debian testing watch)
[2016-10-17] Accepted mathjax 2.7.0-1 (source) into unstable (Dmitry Shachnev)
[2016-02-20] mathjax 2.6.1-1 MIGRATED to testing (Debian testing watch)
[2016-02-14] Accepted mathjax 2.6.1-1 (source) into unstable (Dmitry Shachnev)
[2016-01-08] mathjax 2.6.0-1 MIGRATED to testing (Debian testing watch)
[2016-01-02] Accepted mathjax 2.6.0-1 (source) into unstable (Dmitry Shachnev)
[2015-05-09] mathjax 2.5.3-1 MIGRATED to testing (Britney)
[2015-05-03] Accepted mathjax 2.5.3-1 (source all) into unstable (Dmitry Shachnev)
[2015-03-26] Accepted mathjax 2.5.1-1 (source all) into experimental (Dmitry Shachnev)
[2015-01-31] Accepted mathjax 2.5.0-1 (source all) into experimental (Dmitry Shachnev)
[2014-10-09] mathjax 2.4-2 MIGRATED to testing (Britney)
[2014-10-03] Accepted mathjax 2.4-2 (source all) into unstable (Dmitry Shachnev)
[2014-06-26] mathjax 2.4-1 MIGRATED to testing (Debian testing watch)
[2014-06-15] Accepted mathjax 2.4-1 (source all) (Dmitry Shachnev)
[2014-02-27] mathjax 2.3-1 MIGRATED to testing (Debian testing watch)
[2014-02-16] Accepted mathjax 2.3-1 (source all) (Dmitry Shachnev)
[2013-06-06] mathjax 2.2-1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 3
RC: 0
I&N: 2
M&W: 1
F&P: 0
patch: 0

links

homepage
lintian (257, 8)
buildd: logs, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
debian patches

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.7.9+dfsg-1
2 bugs