Fedora 40: pandoc 2024-7d83cbccb6
Summary
Pandoc is a Haskell library for converting from one markup format to another.
The formats it can handle include
- light markup formats (many variants of Markdown, reStructuredText, AsciiDoc,
Org-mode, Muse, Textile, txt2tags) - HTML formats (HTML 4 and 5) - Ebook
formats (EPUB v2 and v3, FB2) - Documentation formats (GNU TexInfo, Haddock) -
Roff formats (man, ms) - TeX formats (LaTeX, ConTeXt) - Typst - XML formats
(DocBook 4 and 5, JATS, TEI Simple, OpenDocument) - Outline formats (OPML) -
Bibliography formats (BibTeX, BibLaTeX, CSL JSON, CSL YAML, RIS) - Word
processor formats (Docx, RTF, ODT) - Interactive notebook formats (Jupyter
notebook ipynb) - Page layout formats (InDesign ICML) - Wiki markup formats
(MediaWiki, DokuWiki, TikiWiki, TWiki, Vimwiki, XWiki, ZimWiki, Jira wiki,
Creole) - Slide show formats (LaTeX Beamer, PowerPoint, Slidy, reveal.js,
Slideous, S5, DZSlides) - Data formats (CSV and TSV tables) - PDF (via external
programs such as pdflatex or wkhtmltopdf)
Pandoc can convert mathematical content in documents between TeX, MathML, Word
equations, roff eqn, typst, and plain text. It includes a powerful system for
automatic citations and bibliographies, and it can be customized extensively
using templates, filters, and custom readers and writers written in Lua.
For the pandoc command-line program, see the 'pandoc-cli' package.
For pdf output please also install pandoc-pdf or weasyprint.
Update Information:
Security fix for CVE-2023-35936 and CVE-2023-38745 pandoc: backport fixes for CVE-2023-35936 and CVE-2023-38745 pandoc-cli: new package for pandoc binary patat: update to 0.11.0.0 and enable tests base64, isocline, toml-parser: now packaged in Fedora
Change Log
* Tue Mar 5 2024 Jens Petersen
References
[ 1 ] Bug #2220871 - CVE-2023-35936 pandoc: allows attacker to create or overwrite arbitrary files on the system https://bugzilla.redhat.com/show_bug.cgi?id=2220871 [ 2 ] Bug #2225379 - CVE-2023-38745 pandoc: allows attacker to create or overwrite arbitrary files on the system (incomplete fix in upstream for CVE-2023-35936) https://bugzilla.redhat.com/show_bug.cgi?id=2225379
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-7d83cbccb6' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html