UbuntuUpdates.org

Package "ruby-kramdown"

Name: ruby-kramdown

Description:

Fast, pure-Ruby Markdown-superset converter - ruby library

Latest version: 1.17.0-4ubuntu0.1
Release: focal (20.04)
Level: security
Repository: universe
Homepage: https://kramdown.gettalong.org

Links


Download "ruby-kramdown"


Other versions of "ruby-kramdown" in Focal

Repository Area Version
base universe 1.17.0-4
updates universe 1.17.0-4ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.17.0-4ubuntu0.1 2020-09-30 22:06:17 UTC

  ruby-kramdown (1.17.0-4ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: Unintended read access
    - debian/patches/CVE-2020-14001.patch: Add option
      forbidden_inline_options. By default, the template option is now
      forbidden.
    - CVE-2020-14001

 -- Mike Salvatore <email address hidden> Wed, 30 Sep 2020 15:11:49 -0400

CVE-2020-14001 The kramdown gem before 2.3.0 for Ruby processes the template option inside Kramdown documents by default, which allows unintended read access (such



About   -   Send Feedback to @ubuntu_updates