Alerts This Week
Warning Icon 1 684
Alerts This Week
Warning Icon 1 684

Fedora 11: FEDORA-2009-10329: Critical: python-markdown2 XSS Fix

fedora
Calendar Grey October 27, 2009
Dist Fedora Esm H88
Update to python-markdown2-1.0.1.15 to resolve vulnerabilities related to XSS and md5 hashing in Fedora.
Update from 1.0.1.11 to 1.0.1.15, which fixes some issues, including these two security-related bugs: - [Issue 30] Fix a possible XSS via JavaScript injection in a carefully craf...

Summary

Markdown is a text-to-HTML filter; it translates an easy-to-read /

easy-to-write structured text format into HTML. Markdown's text format

is most similar to that of plain text email, and supports features

such as headers, emphasis, code blocks, blockquotes, and links.

This is a fast and complete Python implementation of the Markdown

spec.

For information about markdown itself, see

https://daringfireball.net/projects/markdown/

Update Information:

Update from 1.0.1.11 to 1.0.1.15, which fixes some issues, including these two security-related bugs: - [Issue 30] Fix a possible XSS via JavaScript injection in a carefully crafted image reference (usage of double-quotes in the URL). - [Issue 29] Fix security hole in the md5-hashing scheme for handling HTML chunks during processing. See https://code.google.com/archive/p/python-markdown2/source for the full changelog.

Topics%20covered

Topics Covered

security advisory fedora software update xss hashing

Change Log

* Thu Oct 8 2009 Thomas Moschny - 1.0.1.15-1 - Update to 1.0.1.15. Fixes three issues, two of them being security-related. * Wed Sep 2 2009 Thomas Moschny - 1.0.1.13-3 - Patch syntax_color test case for older pygments version on rhel. * Sun Jul 26 2009 Fedora Release Engineering - 1.0.1.13-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild * Sat Jul 11 2009 Thomas Moschny - 1.0.1.13-1 - Update to 1.0.1.13.

References

Fedora Update Notification FEDORA-2009-10329 2009-10-09 02:20:39
Name : python-markdown2 Product : Fedora 11 Version : 1.0.1.15 Release : 1.fc11 URL : https://code.google.com/archive/p/python-markdown2 Summary : A fast and complete Python implementation of Markdown Description : Markdown is a text-to-HTML filter; it translates an easy-to-read / easy-to-write structured text format into HTML. Markdown's text format is most similar to that of plain text email, and supports features such as headers, emphasis, code blocks, blockquotes, and links.
This is a fast and complete Python implementation of the Markdown spec.
For information about markdown itself, see https://daringfireball.net/projects/markdown/

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update python-markdown2' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: python-markdown2
Product: Fedora 11
Version: 1.0.1.15
Release: 1.fc11
URL: https://code.google.com/archive/p/python-markdown2
Summary: A fast and complete Python implementation of Markdown

Topics%20covered

Topics Covered

security advisory fedora software update xss hashing

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here