Your message dated Fri, 07 Apr 2023 18:49:14 +0000
with message-id <[email protected]>
and subject line Bug#1031764: fixed in markdown-it-py 2.1.0-5
has caused the Debian Bug report #1031764,
regarding markdown-it-py: CVE-2023-26302 CVE-2023-26303
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1031764: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031764
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: markdown-it-py
Version: 2.1.0-4
Severity: normal
Dear Maintainer,
markdown-it-py released a new version today that addresses a recent CVE,
among other fixes.
Please, consider upgrading to version 2.2.0.
Thanks!
-- System Information:
Debian Release: bookworm/sid
APT prefers lunar-proposed
APT policy: (990, 'lunar-proposed'), (500, 'lunar')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 6.1.0-14-generic (SMP w/16 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE,
TAINT_UNSIGNED_MODULE
Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8),
LANGUAGE=en_IE:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
--- End Message ---
--- Begin Message ---
Source: markdown-it-py
Source-Version: 2.1.0-5
Done: Emmanuel Arias <[email protected]>
We believe that the bug you reported is fixed in the latest version of
markdown-it-py, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Emmanuel Arias <[email protected]> (supplier of updated markdown-it-py package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 31 Mar 2023 07:50:42 -0300
Source: markdown-it-py
Architecture: source
Version: 2.1.0-5
Distribution: unstable
Urgency: high
Maintainer: Debian Python Team <[email protected]>
Changed-By: Emmanuel Arias <[email protected]>
Closes: 1031764
Changes:
markdown-it-py (2.1.0-5) unstable; urgency=high
.
* d/paches: Add patches from upstream to fix CVE-2023-26302 and
CVE-2023-26303 (Closes: #1031764).
- The patches added are:
0001-fix-unnecessary-asserts-leading-to-crashes.patch and
0002-fix-dos-casued-by-invalid-utf-8-char-as-input.patch.
Checksums-Sha1:
30439fd51fcc61b8c33442bce89a858eca105dd3 1978 markdown-it-py_2.1.0-5.dsc
37028d7e8e14885c8416e29d27849421c6279952 5432
markdown-it-py_2.1.0-5.debian.tar.xz
ea5dc0c07201d12a69a952c3037671744ee62c8a 7647
markdown-it-py_2.1.0-5_amd64.buildinfo
Checksums-Sha256:
6d2e954bfe6f636c0f5b93b00e12f6c4481c58473fad82a17ce06b1e1f93d659 1978
markdown-it-py_2.1.0-5.dsc
cc77c0b8ba0bf137e83d29d27cb296fd3a1c1f8f5eb767e3f4b5c433a24eba3c 5432
markdown-it-py_2.1.0-5.debian.tar.xz
102e65a408becbae41e725695560c012c403a2ac81f9315dcdf796d858880311 7647
markdown-it-py_2.1.0-5_amd64.buildinfo
Files:
337c26a009e03cd5af77a0e59612e65e 1978 python optional
markdown-it-py_2.1.0-5.dsc
ec2dfa81856ce85eb1f379d60c521fd1 5432 python optional
markdown-it-py_2.1.0-5.debian.tar.xz
7f0c7106d9b494a184566b44b78bbd55 7647 python optional
markdown-it-py_2.1.0-5_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iHUEARYIAB0WIQRZVjztY8b+Ty43oH1itBCJKh26HQUCZDBjygAKCRBitBCJKh26
HZHcAQDgeWdWOHwWvYNhTYUWUF7C8I8exDZ8Iz3miJKOmPR8fQEAiih9+UhtHVlN
O9dgPr1YQE6yXaqaGOGD/oA8sKNqiww=
=nSgN
-----END PGP SIGNATURE-----
--- End Message ---
