openSUSE: 2021:0429-1 moderate: python-markdown2
Description
This update for python-markdown2 fixes the following issues: Update to 2.4.0 (boo#1181270): - [pull #377] Fixed bug breaking strings elements in metadata lists - [pull #380] When rendering fenced code blocks, also add the language-LANG class - [pull #387] Regex DoS fixes (CVE-2021-26813, boo#1183171) - Switch off failing tests (gh#trentm/python-markdown2#388), ignore failing test suite. update to 2.3.9: - [pull #335] Added header support for wiki tables - [pull #336] Reset _toc when convert is run - [pull #353] XSS fix - [pull #350] XSS fix - Add patch to fix unsanitized input for cross-site scripting (boo#1171379)
Patch
Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.2: zypper in -t patch openSUSE-2021-429=1
Package List
- openSUSE Leap 15.2 (noarch): python2-markdown2-2.4.0-lp152.2.3.1 python3-markdown2-2.4.0-lp152.2.3.1
References
https://www.suse.com/security/cve/CVE-2021-26813.html https://bugzilla.suse.com/1171379 https://bugzilla.suse.com/1181270 https://bugzilla.suse.com/1183171