stable

rubygem-redcarpet-3.3.2-26.fc36

FEDORA-2023-597f13ffb9 created by mtasaka 5 months ago for Fedora 36

A security flow was found on redcarpet that escaping html was not properly done even if requested on some cases which may cause XSS vulnerability. This issue is now assigned as CVE-2020-26298. This new rpm should fix this issue.

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2023-597f13ffb9

This update has been submitted for testing by mtasaka.

5 months ago

This update's test gating status has been changed to 'ignored'.

5 months ago

This update has been pushed to testing.

4 months ago

This update can be pushed to stable now if the maintainer wishes

4 months ago

This update has been submitted for stable by mtasaka.

4 months ago

This update has been pushed to stable.

4 months ago

Please login to add feedback.

Metadata
Type
security
Severity
low
Karma
0
Signed
Content Type
RPM
Test Gating
Builds
1
rubygem-redcarpet-3.3.2-26.fc36
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
5 months ago
in testing
4 months ago
in stable
4 months ago
BZ#1915371 CVE-2020-26298 rubygem-redcarpet: does not escape HTML when processing quotes which could result in XSS vulnerability [fedora-all]
0
0
rubygem-redcarpet-3.3.2-26.fc36

Automated Test Results

Copyright © 2007-2023 Red Hat, Inc. and others.

Running bodhi-server 7.2.1 on bodhi-web-86-nxdz4.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy