On Fri, Feb 9, 2024 at 8:05 PM Christopher Klooz <py0...@posteo.net> wrote:
> The package "pandoc" remains at 3.1.3 in Fedora, but pandoc is already at > 3.1.11.1. Among the updates since 3.1.3, there have been two > security-critical (including the medium CVE-2023-35936. Security fixes are > in 3.1.4 & 3.1.6). > > The actual risk is limited, but these should be updated nevertheless. > Just noting here for the record too, that those pandoc CVEs are now fixed with backports in Rawhide, and I will gradually push them back to current releases in the near future. Thanks, Jens
-- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue