Register | Log in

node-marked

Full-featured markdown parser and compiler for NodeJS

Choose email to subscribe with

general

source: node-marked (main)
version: 4.2.3+ds+~4.0.7-2
maintainer: Debian Javascript Maintainers (archive) (DMD)
uploaders: Julian Taylor [DMD] [DM]
arch: all
std-ver: 4.6.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.3.6+dfsg-1
oldstable: 0.5.1+dfsg-1
stable: 0.8.0+ds+repack-2
testing: 4.2.2+ds+~4.0.7-1
unstable: 4.2.3+ds+~4.0.7-2

versioned links

0.3.6+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.5.1+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.8.0+ds+repack-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.2.2+ds+~4.0.7-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.2.3+ds+~4.0.7-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libjs-marked
node-marked

action needed

Problems while searching for a new upstream version high

uscan had problems while searching for a new upstream version:

unknown ctype nodejs

Created: 2021-12-03 Last update: 2022-12-07 13:32

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2022-02-18 Last update: 2022-12-07 13:35

2 low-priority security issues in bullseye low

There are 2 open security issues in bullseye.

2 issues left for the package maintainer to handle:

CVE-2022-21680: (needs triaging) Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression `block.def` may cause catastrophic backtracking against some strings and lead to a regular expression denial of service (ReDoS). Anyone who runs untrusted markdown through a vulnerable version of marked and does not use a worker with a time limit may be affected. This issue is patched in version 4.0.10. As a workaround, avoid running untrusted markdown through marked or run marked on a worker thread and set a reasonable time limit to prevent draining resources.
CVE-2022-21681: (needs triaging) Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression `inline.reflinkSearch` may cause catastrophic backtracking against some strings and lead to a denial of service (DoS). Anyone who runs untrusted markdown through a vulnerable version of marked and does not use a worker with a time limit may be affected. This issue is patched in version 4.0.10. As a workaround, avoid running untrusted markdown through marked or run marked on a worker thread and set a reasonable time limit to prevent draining resources.

You can find information about how to handle these issues in the security team's documentation.

Created: 2022-07-04 Last update: 2022-12-03 17:37

testing migrations

excuses:
- Migration status for node-marked (4.2.2+ds+~4.0.7-1 to 4.2.3+ds+~4.0.7-2): Waiting for test results or another package, or too young (no action required now - check later)
- Issues preventing migration:
- ∙ ∙ Too young, only 4 of 5 days old
- Additional info:
- ∙ ∙ Piuparts tested OK - https://piuparts.debian.org/sid/source/n/node-marked.html
- ∙ ∙ autopkgtest for node-marked/4.2.3+ds+~4.0.7-2: amd64: Pass, arm64: Pass, armel: Not a regression, armhf: Pass, i386: Pass, ppc64el: Pass, s390x: Pass
- Not considered

news

[2022-12-03] Accepted node-marked 4.2.3+ds+~4.0.7-2 (source) into unstable (Yadd) (signed by: Xavier Guimard)
[2022-11-30] Accepted node-marked 4.2.3+ds+~4.0.7-1 (source) into experimental (Yadd) (signed by: Xavier Guimard)
[2022-11-11] node-marked 4.2.2+ds+~4.0.7-1 MIGRATED to testing (Debian testing watch)
[2022-11-06] Accepted node-marked 4.2.2+ds+~4.0.7-1 (source) into unstable (Yadd) (signed by: Jérémy Lal)
[2022-10-31] node-marked 4.1.0+ds+~4.0.6-2 MIGRATED to testing (Debian testing watch)
[2022-10-26] Accepted node-marked 4.1.0+ds+~4.0.6-2 (source) into unstable (Yadd) (signed by: Xavier Guimard)
[2022-09-07] node-marked 4.1.0+ds+~4.0.6-1 MIGRATED to testing (Debian testing watch)
[2022-09-07] node-marked 4.1.0+ds+~4.0.6-1 MIGRATED to testing (Debian testing watch)
[2022-09-04] Accepted node-marked 4.1.0+ds+~4.0.6-1 (source) into unstable (Yadd) (signed by: Xavier Guimard)
[2022-08-24] node-marked 4.0.18+ds+~4.0.5-1 MIGRATED to testing (Debian testing watch)
[2022-08-24] node-marked 4.0.18+ds+~4.0.5-1 MIGRATED to testing (Debian testing watch)
[2022-08-19] Accepted node-marked 4.0.18+ds+~4.0.5-1 (source) into unstable (Yadd) (signed by: Xavier Guimard)
[2022-07-02] node-marked 4.0.17+ds+~4.0.3-1 MIGRATED to testing (Debian testing watch)
[2022-06-30] Accepted node-marked 4.0.17+ds+~4.0.3-1 (source) into unstable (Yadd) (signed by: Xavier Guimard)
[2022-05-20] node-marked 4.0.16+ds+~4.0.3-1 MIGRATED to testing (Debian testing watch)
[2022-05-18] Accepted node-marked 4.0.16+ds+~4.0.3-1 (source) into unstable (Yadd) (signed by: Xavier Guimard)
[2022-02-18] node-marked 4.0.12+ds+~4.0.1-2 MIGRATED to testing (Debian testing watch)
[2022-02-18] node-marked 4.0.12+ds+~4.0.1-2 MIGRATED to testing (Debian testing watch)
[2022-02-15] Accepted node-marked 4.0.12+ds+~4.0.1-2 (source) into unstable (Yadd) (signed by: Xavier Guimard)
[2022-01-31] node-marked 4.0.12+ds+~4.0.1-1 MIGRATED to testing (Debian testing watch)
[2022-01-28] Accepted node-marked 4.0.12+ds+~4.0.1-1 (source) into unstable (Yadd) (signed by: Xavier Guimard)
[2022-01-15] node-marked 4.0.9+ds+~4.0.1-2 MIGRATED to testing (Debian testing watch)
[2022-01-12] Accepted node-marked 4.0.9+ds+~4.0.1-2 (source) into unstable (Yadd) (signed by: Xavier Guimard)
[2022-01-12] Accepted node-marked 4.0.9+ds+~4.0.1-1 (source) into unstable (Yadd) (signed by: Xavier Guimard)
[2022-01-11] node-marked 4.0.5+ds-5 MIGRATED to testing (Debian testing watch)
[2022-01-09] Accepted node-marked 4.0.5+ds-5 (source) into unstable (Yadd) (signed by: Xavier Guimard)
[2022-01-09] Accepted node-marked 4.0.5+ds-4 (source) into unstable (Yadd) (signed by: Xavier Guimard)
[2021-12-02] Accepted node-marked 4.0.5+ds-3 (source) into unstable (Jonas Smedegaard)
[2021-11-28] Accepted node-marked 4.0.5+ds-2 (source) into unstable (Yadd) (signed by: Xavier Guimard)
[2021-11-28] Accepted node-marked 4.0.5+ds-1 (source) into unstable (Yadd) (signed by: Xavier Guimard)

1
2

bugs [bug history graph]

all: 0

links

homepage
lintian
buildd: logs, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 4.2.3+ds+~4.0.7-2ubuntu1
patches for 4.2.3+ds+~4.0.7-2ubuntu1

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing