FEDORA-2019-009fdcfb60

security update in Fedora 28 for php-erusev-parsedown

Status: stable 5 months ago

1.7.1

  • #475: "Loose" lists will now contain paragraphs in all items, not just some.
  • #433: Links will no longer be double nested
  • #525: The info-string when beginning a code block may now contain non-word characters (e.g. c++)
  • #561: The mbstring extension (which we already depend on) has been added explicitly to composer.json
  • #563: The Parsedown::version constant now matches the release version
  • #560: Builds will now fail if we forget to update the version constant again

1.7.0

CVE-2018-1000162

  • Merge pull request #495 from aidantwoods/anti-xss
  • Prevent various XSS attacks (rebase and update of #276)

Comments 6

This update has been submitted for testing by siwinski.

6 months ago

This update has been pushed to testing.

6 months ago

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

5 months ago

This update has been submitted for batched by siwinski.

5 months ago

This update has been submitted for stable by bodhi.

5 months ago

This update has been pushed to stable.

5 months ago

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
medium
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted 6 months ago
in testing 6 months ago
in stable 5 months ago

Related Bugs 2
00 #1569513 CVE-2018-1000162 php-erusev-parsedown: Cross Site Scripting in `setMarkupEscaped` [epel-all]
00 #1569514 CVE-2018-1000162 php-erusev-parsedown: Cross Site Scripting in `setMarkupEscaped` [fedora-all]

Automated Test Results

Copyright © 2007-2019 Red Hat, Inc. and others.

Running bodhi-4.1.0 on bodhi-web-91-cdvdt.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Legal | Privacy policy