Fedora 39: FEDORA-2024-c563929e49 Medium Risk: Pandoc-CLI Security Issue
fedora
March 30, 2024
Security fix for CVE-2023-35936 and CVE-2023-38745 pandoc: backport fixes for CVE-2023-35936 and CVE-2023-38745 pandoc-cli: new package for pandoc binary
Summary
Pandoc-cli provides a command-line executable that uses the pandoc library to
convert between markup formats.
Update Information:
Security fix for CVE-2023-35936 and CVE-2023-38745 pandoc: backport fixes for CVE-2023-35936 and CVE-2023-38745 pandoc-cli: new package for pandoc binary patat: update to 0.11.0.0 and enable tests base64, isocline, toml-parser: now packaged in Fedora
Topics Covered
Change Log
* Wed Feb 28 2024 Jens Petersen
References
[ 1 ] Bug #2220871 - CVE-2023-35936 pandoc: allows attacker to create or overwrite arbitrary files on the system
https://bugzilla.redhat.com/show_bug.cgi?id=2220871
[ 2 ] Bug #2225379 - CVE-2023-38745 pandoc: allows attacker to create or overwrite arbitrary files on the system (incomplete fix in upstream for CVE-2023-35936)
https://bugzilla.redhat.com/show_bug.cgi?id=2225379
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-b458482d48' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html
PREVIOUS
NEXT
Severity
medium
Lowest
Low
Medium
High
Critical
Name: pandoc-cli
Product: Fedora 39
Version: 3.1.3
Release: 29.fc39
Summary: Conversion between documentation formats
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!