-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2020-1eaffe0013 2020-10-06 15:02:13.246044 --------------------------------------------------------------------------------
Name : pandoc Product : Fedora 32 Version : 2.7.3 Release : 4.fc32 URL : https://hackage.haskell.org/package/pandoc Summary : Conversion between markup formats Description : Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. It can read several dialects of Markdown and (subsets of) HTML, reStructuredText, LaTeX, DocBook, JATS, MediaWiki markup, DokuWiki markup, TWiki markup, TikiWiki markup, Creole 1.0, Haddock markup, OPML, Emacs Org-Mode, Emacs Muse, txt2tags, ipynb (Jupyter notebooks), Vimwiki, Word Docx, ODT, EPUB, FictionBook2, roff man, and Textile, and it can write Markdown, reStructuredText, XHTML, HTML 5, LaTeX, ConTeXt, DocBook, JATS, OPML, TEI, OpenDocument, ODT, Word docx, PowerPoint pptx, RTF, MediaWiki, DokuWiki, XWiki, ZimWiki, Textile, Jira, roff man, roff ms, plain text, Emacs Org-Mode, AsciiDoc, Haddock markup, EPUB (v2 and v3), ipynb, FictionBook2, InDesign ICML, Muse, LaTeX beamer slides, and several kinds of HTML/JavaScript slide shows (S5, Slidy, Slideous, DZSlides, reveal.js).
In contrast to most existing tools for converting Markdown to HTML, pandoc has a modular design: it consists of a set of readers, which parse text in a given format and produce a native representation of the document, and a set of writers, which convert this native representation into a target format. Thus, adding an input or output format requires only adding a reader or writer.
For pdf output please also install pandoc-pdf or weasyprint.
-------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2020-5238 - ghc-cmark-gfm updated to 0.2.2 which rebases the bundled cmark-gfm to 0.29.0.gfm.1 - also update hakyll to 4.13.4.0 https://github.com/github/cmark-gfm/security/advisories/GHSA-7gc6-9qr5-hc85 -------------------------------------------------------------------------------- ChangeLog:
* Mon Sep 21 2020 Jens Petersen petersen@redhat.com - 2.7.3-4 - rebuild for cmark-gfm-0.2.2: fixes exponential parse (#1854329) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1854328 - CVE-2020-5238 cmark: Exponential time to parse certain inputs could lead to DoS. https://bugzilla.redhat.com/show_bug.cgi?id=1854328 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-1eaffe0013' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------