MGASA-2023-0181 - Updated cmark packages fix security vulnerability

Publication date: 21 May 2023
URL: https://advisories.mageia.org/MGASA-2023-0181.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2023-22484,
     CVE-2023-22486

cmark incorrectly handled certain inputs. Fixes quadratic complexity in
handle_close_bracket "![[]()" which may lead to a denial of service
(CVE-2023-22486).
Noting that this also fixes a quadratic parsing issue with repeated 
 
cmark incorrectly handled certain inputs. Fixes quadratic complexity in
handle_close_bracket "![[]()" which may lead to a denial of service
(CVE-2023-22486).
Noting that this also fixes a quadratic parsing issue with repeated 
                
                    




                            


     

                  
                            

                           

                                

                                    
                                        Parrot OS 5.2 Tightens Security, Better TOR Bridges Support                                    
                                

                                
Feb 20, 2023

                            
                  
                                  
                            
                            
                    

                
                    




                            


     

                  
                            

                           

                                

                                    
                                         Tails 5.9 Fixes Numerous Bugs and Enhances Security Measures                                    
                                

                                
Jan 30, 2023

                            
                  
                                  
                            
                            
                    

                
                    




                            


     

                  
                            

                           

                                

                                    
                                        Modern Intel Processors Will Now Run Better Under Linux                                    
                                

                                
Aug 29, 2022

                            
                  
                                  
                            
                            
                    

                
                    




                            


     

                  
                            

                           

                                

                                    
                                        KDE Kicks Off August With More Desktop Bug Fixes                                    
                                

                                
Aug 10, 2022