Debian Package Tracker
Register | Log in
Subscribe

node-marked

Full-featured markdown parser and compiler for NodeJS

Choose email to subscribe with

general
  • source: node-marked (main)
  • version: 4.2.3+ds+~4.0.7-2
  • maintainer: Debian Javascript Maintainers (archive) (DMD)
  • uploaders: Julian Taylor [DMD] [DM]
  • arch: all
  • std-ver: 4.6.1
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 0.5.1+dfsg-1
  • oldstable: 0.8.0+ds+repack-2
  • stable: 4.2.3+ds+~4.0.7-2
  • testing: 4.2.3+ds+~4.0.7-2
  • unstable: 4.2.3+ds+~4.0.7-2
versioned links
  • 0.5.1+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 0.8.0+ds+repack-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 4.2.3+ds+~4.0.7-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • libjs-marked
  • node-marked
action needed
Problems while searching for a new upstream version high
uscan had problems while searching for a new upstream version:
unknown ctype nodejs
Created: 2021-12-03 Last update: 2023-09-28 06:05
A new upstream version is available: 9.0.3 high
A new upstream version 9.0.3 is available, you should consider packaging it.
Created: 2022-12-16 Last update: 2023-09-28 06:05
Fails to build during reproducibility testing normal
A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!
Created: 2022-02-18 Last update: 2023-09-28 09:01
2 low-priority security issues in bullseye low

There are 2 open security issues in bullseye.

2 issues left for the package maintainer to handle:
  • CVE-2022-21680: (needs triaging) Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression `block.def` may cause catastrophic backtracking against some strings and lead to a regular expression denial of service (ReDoS). Anyone who runs untrusted markdown through a vulnerable version of marked and does not use a worker with a time limit may be affected. This issue is patched in version 4.0.10. As a workaround, avoid running untrusted markdown through marked or run marked on a worker thread and set a reasonable time limit to prevent draining resources.
  • CVE-2022-21681: (needs triaging) Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression `inline.reflinkSearch` may cause catastrophic backtracking against some strings and lead to a denial of service (DoS). Anyone who runs untrusted markdown through a vulnerable version of marked and does not use a worker with a time limit may be affected. This issue is patched in version 4.0.10. As a workaround, avoid running untrusted markdown through marked or run marked on a worker thread and set a reasonable time limit to prevent draining resources.

You can find information about how to handle these issues in the security team's documentation.

Created: 2022-07-04 Last update: 2023-06-11 06:30
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.2 instead of 4.6.1).
Created: 2022-12-17 Last update: 2022-12-17 19:18
news
[rss feed]
  • [2022-12-08] node-marked 4.2.3+ds+~4.0.7-2 MIGRATED to testing (Debian testing watch)
  • [2022-12-03] Accepted node-marked 4.2.3+ds+~4.0.7-2 (source) into unstable (Yadd) (signed by: Xavier Guimard)
  • [2022-11-30] Accepted node-marked 4.2.3+ds+~4.0.7-1 (source) into experimental (Yadd) (signed by: Xavier Guimard)
  • [2022-11-11] node-marked 4.2.2+ds+~4.0.7-1 MIGRATED to testing (Debian testing watch)
  • [2022-11-06] Accepted node-marked 4.2.2+ds+~4.0.7-1 (source) into unstable (Yadd) (signed by: Jérémy Lal)
  • [2022-10-31] node-marked 4.1.0+ds+~4.0.6-2 MIGRATED to testing (Debian testing watch)
  • [2022-10-26] Accepted node-marked 4.1.0+ds+~4.0.6-2 (source) into unstable (Yadd) (signed by: Xavier Guimard)
  • [2022-09-07] node-marked 4.1.0+ds+~4.0.6-1 MIGRATED to testing (Debian testing watch)
  • [2022-09-07] node-marked 4.1.0+ds+~4.0.6-1 MIGRATED to testing (Debian testing watch)
  • [2022-09-04] Accepted node-marked 4.1.0+ds+~4.0.6-1 (source) into unstable (Yadd) (signed by: Xavier Guimard)
  • [2022-08-24] node-marked 4.0.18+ds+~4.0.5-1 MIGRATED to testing (Debian testing watch)
  • [2022-08-24] node-marked 4.0.18+ds+~4.0.5-1 MIGRATED to testing (Debian testing watch)
  • [2022-08-19] Accepted node-marked 4.0.18+ds+~4.0.5-1 (source) into unstable (Yadd) (signed by: Xavier Guimard)
  • [2022-07-02] node-marked 4.0.17+ds+~4.0.3-1 MIGRATED to testing (Debian testing watch)
  • [2022-06-30] Accepted node-marked 4.0.17+ds+~4.0.3-1 (source) into unstable (Yadd) (signed by: Xavier Guimard)
  • [2022-05-20] node-marked 4.0.16+ds+~4.0.3-1 MIGRATED to testing (Debian testing watch)
  • [2022-05-18] Accepted node-marked 4.0.16+ds+~4.0.3-1 (source) into unstable (Yadd) (signed by: Xavier Guimard)
  • [2022-02-18] node-marked 4.0.12+ds+~4.0.1-2 MIGRATED to testing (Debian testing watch)
  • [2022-02-18] node-marked 4.0.12+ds+~4.0.1-2 MIGRATED to testing (Debian testing watch)
  • [2022-02-15] Accepted node-marked 4.0.12+ds+~4.0.1-2 (source) into unstable (Yadd) (signed by: Xavier Guimard)
  • [2022-01-31] node-marked 4.0.12+ds+~4.0.1-1 MIGRATED to testing (Debian testing watch)
  • [2022-01-28] Accepted node-marked 4.0.12+ds+~4.0.1-1 (source) into unstable (Yadd) (signed by: Xavier Guimard)
  • [2022-01-15] node-marked 4.0.9+ds+~4.0.1-2 MIGRATED to testing (Debian testing watch)
  • [2022-01-12] Accepted node-marked 4.0.9+ds+~4.0.1-2 (source) into unstable (Yadd) (signed by: Xavier Guimard)
  • [2022-01-12] Accepted node-marked 4.0.9+ds+~4.0.1-1 (source) into unstable (Yadd) (signed by: Xavier Guimard)
  • [2022-01-11] node-marked 4.0.5+ds-5 MIGRATED to testing (Debian testing watch)
  • [2022-01-09] Accepted node-marked 4.0.5+ds-5 (source) into unstable (Yadd) (signed by: Xavier Guimard)
  • [2022-01-09] Accepted node-marked 4.0.5+ds-4 (source) into unstable (Yadd) (signed by: Xavier Guimard)
  • [2021-12-02] Accepted node-marked 4.0.5+ds-3 (source) into unstable (Jonas Smedegaard)
  • [2021-11-28] Accepted node-marked 4.0.5+ds-2 (source) into unstable (Yadd) (signed by: Xavier Guimard)
  • 1
  • 2
bugs [bug history graph]
  • all: 0
links
  • homepage
  • lintian
  • buildd: logs, reproducibility
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • screenshots
  • debian patches
  • debci
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 4.2.3+ds+~4.0.7-2ubuntu1
  • patches for 4.2.3+ds+~4.0.7-2ubuntu1

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing