Ubuntu alert USN-7128-1 (pygments)
| From: | Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com> | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-7128-1] Pygments vulnerability | |
| Date: | Tue, 26 Nov 2024 12:28:14 -0330 | |
| Message-ID: | <f5b0d494-45bf-4033-9ad6-ca687d047f6d@canonical.com> |
========================================================================== Ubuntu Security Notice USN-7128-1 November 26, 2024 pygments vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS Summary: Pygments could be made to crash if it received specially crafted input. Software Description: - pygments: Generic syntax highlighter Details: Sebastian Chnelik discovered that Pygments had an inefficient regex query for analyzing certain inputs. An attacker could possibly use this issue to cause a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS python3-pygments 2.11.2+dfsg-2ubuntu0.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7128-1 CVE-2022-40896 Package Information: https://launchpad.net/ubuntu/+source/pygments/2.11.2+dfsg...
Attachment: OpenPGP_signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- wsF5BAABCAAjFiEELOLXZEFYQHcSWEHiyfW2m9Ldu6sFAmdF8BYFAwAAAAAACgkQyfW2m9Ldu6vi zQ//R5MPHwEFXws3odA9q/x3M+oHXZY7bQoghlcYv2hNm4Yuv/ocVT4XhlxPIvKnHuD6h4urn0QL m1XMNF5ZYSAiayD1ra9lXWk6jB2CAqPWOkHxSFXMqzVhznCv9wpTSSSY/WHTtuieLNezBKVe2z8C UYPCibXF1LrxRrcQQ7cgsbEpLXpr2S8HgdmBwJ6Umj3oVUE8bzNqgVs7Rbr9lduk/s/9OCNiYC79 5cAnQgyQHyugcJELbGR4gtzCsKYLGihgCndz0X1+TDDgrjQKNKVjnmxiJ3qD6+vuzdN0nsRONVEh O+6wPnMgxnsc23xUhauZyiNUwqJRQXnXc+N4Y3RFUEsT5LAIeC6AnQNBjZYt/h7Fh3dGdlfXmNse buXjNm/ZAyBP92A3OrXJik+DQiiP00wOapcdrGhMu9Ih5udTQF+nxU/s5DvmK3IyMeAdTt+k9QJN NFJiUt3WPeKt5nrQOfTrpBYhIUDyEWk7S6zZAI3pk4mlrimlmMCsZkLRl2pUvBl40uuPlgA/PlnE sRbFx9ntE494zQoBnAsALyx8vo+MzwJceBheu3eSojoRzQAKotxCQ2if7ENOsdsDq+Aq7NZHUaM5 addV/kJUzEfIsCGuF6voKgCqrPiWUzlVbkKbcL5CVx6uMhFEKLWabu6lNZmGP3WPmzTPhDtmFrBu 1NU= =EhIE -----END PGP SIGNATURE-----
Attachment: None (type=text/plain)