Hello, ruby-sig folks: rubygem-kramdown before 2.3.0 has security issue assigned as CVE-2020-14001 : https://bugzilla.redhat.com/show_bug.cgi?id=1858395 , so I've pushed updates rubygem-kramdown-2.2.1-4.fc32 for Fedora 32, and rubygem-kramdown-1.17.0-6.fc31 for Fedora 31.
For EPEL(7), as I've repeatedly said I didn't maintain any packages on EPEL, however as somehow EPEL updates request was assigned to me : https://bugzilla.redhat.com/show_bug.cgi?id=1858415 I've created rubygem-kramdown-1.9.0-2.el7 updates which was pushed to stable yesterday - however it seems there was some mistakes on the patch I've applied: https://bugzilla.redhat.com/show_bug.cgi?id=1889144 So as I've thought before I am afraid that I should not maintain packages on EPEL, so once I've orphaned rubygem-kramdown on EPEL. I hope that someone who really uses EPEL can take care of this. Note that I'll keep maintaining rubygem-kramdown on Fedora branches. Regards, Mamoru _______________________________________________ ruby-sig mailing list -- ruby-sig@lists.fedoraproject.org To unsubscribe send an email to ruby-sig-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/ruby-sig@lists.fedoraproject.org