Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 18 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoracritical

Fedora 41 Addresses Critical Server-Side Request Forgery Issue in Pandoc

pandoc-cli: enable pandoc server (semantically safe) with pandoc-server-0.1.0.5 pandoc: apply upstream patch to avoid error with ConTeXt (#2365309) https://github.com/jgm/pandoc/issues/9820. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-ef1d49c67b 2025-10-08 01:15:30.970785+00:00 -------------------------------------------------------------------------------- Name : pandoc Product : Fedora 41 Version : 3.1.11.1 Release : 34.fc41 URL : https://hackage.haskell.org/package/pandoc Summary : Conversion between markup formats Description : Pandoc is a Haskell library for converting from one markup format to another. The formats it can handle include - light markup formats (many variants of Markdown, reStructuredText, AsciiDoc, Org-mode, Muse, Textile, txt2tags) - HTML formats (HTML 4 and 5) - Ebook formats (EPUB v2 and v3, FB2) - Documentation formats (GNU TexInfo, Haddock) - Roff formats (man, ms) - TeX formats (LaTeX, ConTeXt) - Typst - XML formats (DocBook 4 and 5, JATS, TEI Simple, OpenDocument) - Outline formats (OPML) - Bibliography formats (BibTeX, BibLaTeX, CSL JSON, CSL YAML, RIS) - Word processor formats (Docx, RTF, ODT) - Interactive notebook formats (Jupyter notebook ipynb) - Page layout formats (InDesign ICML) - Wiki markup formats (MediaWiki, DokuWiki, TikiWiki, TWiki, Vimwiki, XWiki, ZimWiki, Jira wiki, Creole) - Slide show formats (LaTeX Beamer, PowerPoint, Slidy, reveal.js, Slideous, S5, DZSlides) - Data formats (CSV and TSV tables) - PDF (via external programs such as pdflatex or wkhtmltopdf) Pandoc can convert mathematical content in documents between TeX, MathML, Word equations, roff eqn, typst, and plain text. It includes a powerful system for automatic citations and bibliographies, and it can be customized extensively using templates, filters, and custom readers and writers written in Lua. For the pandoc command-line program, see the 'pandoc-cli'package. -------------------------------------------------------------------------------- Update Information: pandoc-cli: enable pandoc server (semantically safe) with pandoc-server-0.1.0.5 pandoc: apply upstream patch to avoid error with ConTeXt (#2365309) https://github.com/jgm/pandoc/issues/9820 -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 1 2025 Jens Petersen - 3.1.11.1-34 - apply upstream patch to avoid error with ConTeXt (#2365309) https://github.com/jgm/pandoc/issues/9820 * Mon Aug 4 2025 Jens Petersen - 3.1.11.1-33 - update MANUAL to cover threat related to HTML iframe https://github.com/jgm/pandoc/issues/10682 * Fri Jan 17 2025 Fedora Release Engineering - 3.1.11.1-32 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2379955 - CVE-2025-51591 pandoc: Server-Side Request Forgery in Pandoc [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2379955 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-ef1d49c67b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines:https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Critical fix for Fedore 41's pandoc addresses Server-Side Request Forgery flaw, ensuring safe server operations.. Fedora pandoc update, server-side request forgery, pandoc security fix, Fedora software advisory. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Oct 08, 2025 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoracritical

Fedora 42: Critical Server-Side Request Forgery Fix in Pandoc Update

update MANUAL to cover threat related to user HTML iframe. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-07fdd73bf0 2025-08-15 01:03:42.055476+00:00 -------------------------------------------------------------------------------- Name : pandoc Product : Fedora 42 Version : 3.1.11.1 Release : 33.fc42 URL : https://hackage.haskell.org/package/pandoc Summary : Conversion between markup formats Description : Pandoc is a Haskell library for converting from one markup format to another. The formats it can handle include - light markup formats (many variants of Markdown, reStructuredText, AsciiDoc, Org-mode, Muse, Textile, txt2tags) - HTML formats (HTML 4 and 5) - Ebook formats (EPUB v2 and v3, FB2) - Documentation formats (GNU TexInfo, Haddock) - Roff formats (man, ms) - TeX formats (LaTeX, ConTeXt) - Typst - XML formats (DocBook 4 and 5, JATS, TEI Simple, OpenDocument) - Outline formats (OPML) - Bibliography formats (BibTeX, BibLaTeX, CSL JSON, CSL YAML, RIS) - Word processor formats (Docx, RTF, ODT) - Interactive notebook formats (Jupyter notebook ipynb) - Page layout formats (InDesign ICML) - Wiki markup formats (MediaWiki, DokuWiki, TikiWiki, TWiki, Vimwiki, XWiki, ZimWiki, Jira wiki, Creole) - Slide show formats (LaTeX Beamer, PowerPoint, Slidy, reveal.js, Slideous, S5, DZSlides) - Data formats (CSV and TSV tables) - PDF (via external programs such as pdflatex or wkhtmltopdf) Pandoc can convert mathematical content in documents between TeX, MathML, Word equations, roff eqn, typst, and plain text. It includes a powerful system for automatic citations and bibliographies, and it can be customized extensively using templates, filters, and custom readers and writers written in Lua. For the pandoc command-line program, see the 'pandoc-cli' package. -------------------------------------------------------------------------------- Update Information: update MANUAL to coverthreat related to user HTML iframe -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 4 2025 Jens Petersen - 3.1.11.1-33 - update MANUAL to cover threat related to HTML iframe https://github.com/jgm/pandoc/issues/10682 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2379956 - CVE-2025-51591 pandoc: Server-Side Request Forgery in Pandoc [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2379956 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-07fdd73bf0' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Release for Fedora 42 fixes a major server-side request forgery vulnerability in Pandoc. Ensure your system is safe and up-to-date!. Fedora 42, pandoc, security update, server-side request forgery, critical update. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Aug 15, 2025 Critical Fedora
Banner 4 1028x280 1708121825 1771600306
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorysoftware updateFedora

Fedora 38 Gitit Update: FEDORA-2024-6ad6b9f417 Critical File Overwrite Fix

Security fix for CVE-2023-35936 and CVE-2023-38745 pandoc: backport fixes for CVE-2023-35936 and CVE-2023-38745 base64 now packaged in Fedora. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-6ad6b9f417 2024-03-31 01:53:51.907786 -------------------------------------------------------------------------------- Name : gitit Product : Fedora 38 Version : 0.15.1.1 Release : 3.fc38 URL : https://hackage.haskell.org/package/gitit Summary : Wiki using happstack, git or darcs, and pandoc Description : Gitit is a wiki backed by a git, darcs, or mercurial filestore. Pages and uploaded files can be modified either directly via the VCS's command-line tools or through the wiki's web interface. Pandoc is used for markup processing, so pages may be written in (extended) markdown, reStructuredText, LaTeX, HTML, or literate Haskell. Notable features include * plugins: dynamically loaded page transformations written in Haskell (see "Network.Gitit.Interface") * conversion of TeX math to MathML for display in web browsers * syntax highlighting of source code files and code snippets * Atom feeds (site-wide and per-page) * a library, "Network.Gitit", that makes it simple to include a gitit wiki in any happstack application You can see a running demo at . For usage information: 'gitit --help'. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2023-35936 and CVE-2023-38745 pandoc: backport fixes for CVE-2023-35936 and CVE-2023-38745 base64 now packaged in Fedora -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 28 2023 Jens Petersen - 0.15.1.1-3 - minor doc file related packaging tweaks * Sun Aug 6 2023 Jens Petersen - 0.15.1.1-2 - fixup the SPDX license tagging with AND/OR * Mon Jul 24 2023 Jens Petersen - 0.15.1.1-1 -https://hackage.haskell.org/package/gitit-0.15.1.1/changelog * Wed Jul 19 2023 Fedora Release Engineering - 0.15.1.0-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2163472 - Review Request: ghc-base64 - A modern RFC 4648-compliant Base64 library https://bugzilla.redhat.com/show_bug.cgi?id=2163472 [ 2 ] Bug #2220873 - TRIAGE pandoc: TRIAGE_CVE-2023-35936 pandoc: allows attacker to create or overwrite arbitrary files on the system [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2220873 [ 3 ] Bug #2227034 - CVE-2023-38745 pandoc: allows attacker to create or overwrite arbitrary files on the system [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2227034 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-6ad6b9f417' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Fedora 38 has released security patches for Gitit, targeting vulnerabilities CVE-2023-35936and CVE-2023-38745.. File Overwrite Risk, Gitit Update, Fedora Security, Pandoc Fixes. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Mar 31, 2024 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoracritical

Fedora 38: FEDORA-2024-6ad6b9f417 Critical: Pandoc File Overwrite

Security fix for CVE-2023-35936 and CVE-2023-38745 pandoc: backport fixes for CVE-2023-35936 and CVE-2023-38745 base64 now packaged in Fedora. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-6ad6b9f417 2024-03-31 01:53:51.907786 -------------------------------------------------------------------------------- Name : pandoc Product : Fedora 38 Version : 2.19.2 Release : 22.fc38 URL : https://hackage.haskell.org/package/pandoc Summary : Conversion between markup formats Description : Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. The formats it can handle include - light markup formats (many variants of Markdown, reStructuredText, AsciiDoc, Org-mode, Muse, Textile, txt2tags) - HTML formats (HTML 4 and 5) - Ebook formats (EPUB v2 and v3, FB2) - Documentation formats (GNU TexInfo, Haddock) - Roff formats (man, ms) - TeX formats (LaTeX, ConTeXt) - XML formats (DocBook 4 and 5, JATS, TEI Simple, OpenDocument) - Outline formats (OPML) - Bibliography formats (BibTeX, BibLaTeX, CSL JSON, CSL YAML, RIS) - Word processor formats (Docx, RTF, ODT) - Interactive notebook formats (Jupyter notebook ipynb) - Page layout formats (InDesign ICML) - Wiki markup formats (MediaWiki, DokuWiki, TikiWiki, TWiki, Vimwiki, XWiki, ZimWiki, Jira wiki, Creole) - Slide show formats (LaTeX Beamer, PowerPoint, Slidy, reveal.js, Slideous, S5, DZSlides) - Data formats (CSV and TSV tables) - PDF (via external programs such as pdflatex or wkhtmltopdf) Pandoc can convert mathematical content in documents between TeX, MathML, Word equations, roff eqn, and plain text. It includes a powerful system for automatic citations and bibliographies, and it can be customized extensively using templates, filters, and custom readers and writers written in Lua. For pdf output please also install pandoc-pdf orweasyprint. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2023-35936 and CVE-2023-38745 pandoc: backport fixes for CVE-2023-35936 and CVE-2023-38745 base64 now packaged in Fedora -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 21 2024 Jens Petersen - 2.19.2-22 - backport fixes for CVE-2023-35936 and CVE-2023-38745 - base64 is now packaged in fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #2163472 - Review Request: ghc-base64 - A modern RFC 4648-compliant Base64 library https://bugzilla.redhat.com/show_bug.cgi?id=2163472 [ 2 ] Bug #2220873 - TRIAGE pandoc: TRIAGE_CVE-2023-35936 pandoc: allows attacker to create or overwrite arbitrary files on the system [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2220873 [ 3 ] Bug #2227034 - CVE-2023-38745 pandoc: allows attacker to create or overwrite arbitrary files on the system [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2227034 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-6ad6b9f417' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct:https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Fedora 39 releases a security patch for git, resolving significant weaknesses that could lead to command injection risks.. Fedora 38,pandoc update,security advisory,file overwrite,Haskell library. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Mar 31, 2024 Critical Fedora
Banner 4 1028x280 1708121825 1771600306
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoracritical

Ubuntu 24: 2024-abcd12ef456 Major: Markdown Vulnerability Exploit

Security fix for CVE-2023-35936 and CVE-2023-38745 pandoc: backport fixes for CVE-2023-35936 and CVE-2023-38745 base64 now packaged in Fedora. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-6ad6b9f417 2024-03-31 01:53:51.907786 -------------------------------------------------------------------------------- Name : patat Product : Fedora 38 Version : 0.8.8.0 Release : 2.fc38 URL : https://hackage.haskell.org/package/patat Summary : Terminal-based presentations using Pandoc Description : Terminal-based presentations using Pandoc. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2023-35936 and CVE-2023-38745 pandoc: backport fixes for CVE-2023-35936 and CVE-2023-38745 base64 now packaged in Fedora -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 22 2024 Jens Petersen - 0.8.8.0-2 - rebuild * Fri Mar 22 2024 Jens Petersen - 0.8.8.0-1 - Revert to 0.8.8.0 * Thu Sep 28 2023 Jens Petersen - 0.9.2.0-1 - https://hackage.haskell.org/package/patat-0.9.2.0/changelog * Thu Jul 27 2023 Jens Petersen - 0.8.9.0-1 - https://hackage.haskell.org/package/patat-0.8.9.0/changelog * Thu Jul 20 2023 Fedora Release Engineering - 0.8.8.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2163472 - Review Request: ghc-base64 - A modern RFC 4648-compliant Base64 library https://bugzilla.redhat.com/show_bug.cgi?id=2163472 [ 2 ] Bug #2220873 - TRIAGE pandoc: TRIAGE_CVE-2023-35936 pandoc: allows attacker to create or overwrite arbitrary files on the system [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2220873 [ 3 ] Bug #2227034 - CVE-2023-38745 pandoc: allows attacker to create or overwrite arbitrary files onthe system [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2227034 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-6ad6b9f417' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Urgent security advisory for Fedora 38 about pandoc backports and CVEs: CVE-2023-35936, CVE-2023-38745. Timely updates are vital for system integrity and data protection. Fedora 38 Security Advisory,pandoc Arbitrary File Issue,backported security fixes. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Mar 31, 2024 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedorafile overwrite

Fedora 39: FEDORA-2024-c563929e49 Medium Risk: Pandoc-CLI Security Issue

Security fix for CVE-2023-35936 and CVE-2023-38745 pandoc: backport fixes for CVE-2023-35936 and CVE-2023-38745 pandoc-cli: new package for pandoc binary. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-b458482d48 2024-03-30 01:08:11.513507 -------------------------------------------------------------------------------- Name : pandoc-cli Product : Fedora 39 Version : 3.1.3 Release : 29.fc39 URL : https://hackage.haskell.org/package/pandoc-cli Summary : Conversion between documentation formats Description : Pandoc-cli provides a command-line executable that uses the pandoc library to convert between markup formats. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2023-35936 and CVE-2023-38745 pandoc: backport fixes for CVE-2023-35936 and CVE-2023-38745 pandoc-cli: new package for pandoc binary patat: update to 0.11.0.0 and enable tests base64, isocline, toml-parser: now packaged in Fedora -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 28 2024 Jens Petersen - 3.1.3-29 - provide a pandoc binary package instead of pandoc-cli * Wed Feb 28 2024 Jens Petersen - 0.1.1.1-28 - hslua subpackages moved here from pandoc * Thu Feb 22 2024 Jens Petersen - 0.1.1.1-1 - spec file generated by cabal-rpm-2.1.5 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2220871 - CVE-2023-35936 pandoc: allows attacker to create or overwrite arbitrary files on the system https://bugzilla.redhat.com/show_bug.cgi?id=2220871 [ 2 ] Bug #2225379 - CVE-2023-38745 pandoc: allows attacker to create or overwrite arbitrary files on the system (incomplete fix in upstream for CVE-2023-35936) https://bugzilla.redhat.com/show_bug.cgi?id=2225379 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-b458482d48' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Security patches addressing CVE-2023-35936 and CVE-2023-38745 have been implemented in the latest Fedora updates for pandoc-cli, along with backported enhancements.. Fedora Update, Security Fixes, pandoc-cli, File Overwrite. . Severity: Medium. LinuxSecurity.com Team

Calendar 2 Mar 30, 2024 Medium Fedora
Banner 4 1028x280 1708121825 1771600306
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoracritical

Fedora 39: FEDORA-2024-b458482d48 Critical: Pandoc File Overwrite Fix

Security fix for CVE-2023-35936 and CVE-2023-38745 pandoc: backport fixes for CVE-2023-35936 and CVE-2023-38745 pandoc-cli: new package for pandoc binary. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-b458482d48 2024-03-30 01:08:11.513507 -------------------------------------------------------------------------------- Name : patat Product : Fedora 39 Version : 0.11.0.0 Release : 1.fc39 URL : https://hackage.haskell.org/package/patat Summary : Terminal-based presentations using Pandoc Description : Terminal-based presentations using Pandoc. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2023-35936 and CVE-2023-38745 pandoc: backport fixes for CVE-2023-35936 and CVE-2023-38745 pandoc-cli: new package for pandoc binary patat: update to 0.11.0.0 and enable tests base64, isocline, toml-parser: now packaged in Fedora -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 28 2024 Jens Petersen - 0.11.0.0-1 - update to 0.11.0.0 and enable tests * Thu Jan 25 2024 Fedora Release Engineering - 0.9.2.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sun Jan 21 2024 Fedora Release Engineering - 0.9.2.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2220871 - CVE-2023-35936 pandoc: allows attacker to create or overwrite arbitrary files on the system https://bugzilla.redhat.com/show_bug.cgi?id=2220871 [ 2 ] Bug #2225379 - CVE-2023-38745 pandoc: allows attacker to create or overwrite arbitrary files on the system (incomplete fix in upstream for CVE-2023-35936) https://bugzilla.redhat.com/show_bug.cgi?id=2225379 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-b458482d48' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Fedora 39 now addresses vulnerabilities CVE-2023-35936 and CVE-2023-38745. Ensure you update to the newest security patches.. Fedora Update, Pandoc Fix, Security Patch, Software Protection. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Mar 30, 2024 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryupdateFedora

Fedora 39: FEDORA-2024-b458482d48 Critical: Gitit File Overwrite

Security fix for CVE-2023-35936 and CVE-2023-38745 pandoc: backport fixes for CVE-2023-35936 and CVE-2023-38745 pandoc-cli: new package for pandoc binary. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-b458482d48 2024-03-30 01:08:11.513507 -------------------------------------------------------------------------------- Name : gitit Product : Fedora 39 Version : 0.15.1.1 Release : 6.fc39 URL : https://hackage.haskell.org/package/gitit Summary : Wiki using happstack, git or darcs, and pandoc Description : Gitit is a wiki backed by a git, darcs, or mercurial filestore. Pages and uploaded files can be modified either directly via the VCS's command-line tools or through the wiki's web interface. Pandoc is used for markup processing, so pages may be written in (extended) markdown, reStructuredText, LaTeX, HTML, or literate Haskell. Notable features include * plugins: dynamically loaded page transformations written in Haskell (see "Network.Gitit.Interface") * conversion of TeX math to MathML for display in web browsers * syntax highlighting of source code files and code snippets * Atom feeds (site-wide and per-page) * a library, "Network.Gitit", that makes it simple to include a gitit wiki in any happstack application You can see a running demo at . For usage information: 'gitit --help'. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2023-35936 and CVE-2023-38745 pandoc: backport fixes for CVE-2023-35936 and CVE-2023-38745 pandoc-cli: new package for pandoc binary patat: update to 0.11.0.0 and enable tests base64, isocline, toml-parser: now packaged in Fedora -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 27 2024 Jens Petersen - 0.15.1.1-6 - rebuild * Wed Jan 24 2024 Fedora Release Engineering - 0.15.1.1-5 - Rebuiltfor https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Fri Jan 19 2024 Fedora Release Engineering - 0.15.1.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2220871 - CVE-2023-35936 pandoc: allows attacker to create or overwrite arbitrary files on the system https://bugzilla.redhat.com/show_bug.cgi?id=2220871 [ 2 ] Bug #2225379 - CVE-2023-38745 pandoc: allows attacker to create or overwrite arbitrary files on the system (incomplete fix in upstream for CVE-2023-35936) https://bugzilla.redhat.com/show_bug.cgi?id=2225379 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-b458482d48' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . A security alert for Fedora 39 regarding patches for Gitit that mitigate severe file overwrite vulnerabilities associated with pandoc.. Fedora 39 Gitit Fix, Critical File Overwrites, Pandoc Security Update. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Mar 30, 2024 Critical Fedora
Banner 4 1028x280 1708121825 1771600306
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here