Change logs for pygments source package in Xenial

  • pygments (2.1+dfsg-1ubuntu0.2) xenial-security; urgency=medium
    
      * SECURITY UPDATE: more denial of service issues in regular expressions
        - debian/patches/CVE-2021-27291.patch: fix several exponential/cubic
          complexity regexes in pygments/lexers/archetype.py,
          pygments/lexers/factor.py, pygments/lexers/jvm.py,
          pygments/lexers/matlab.py, pygments/lexers/objective.py,
          pygments/lexers/templates.py.
        - CVE-2021-27291
    
     -- Marc Deslauriers <email address hidden>  Mon, 29 Mar 2021 10:59:42 -0400
  • pygments (2.1+dfsg-1ubuntu0.1) xenial-security; urgency=medium
    
      * SECURITY UPDATE: Infinite loop in SMLLexer leads to denial of service
        - debian/patches/CVE-2021-20270.patch: fix infinite loop in
          pygments/lexers/ml.py.
        - CVE-2021-20270
    
     -- Marc Deslauriers <email address hidden>  Mon, 15 Mar 2021 09:38:31 -0400
  • pygments (2.1+dfsg-1) unstable; urgency=medium
    
      [ Dmitry Shachnev ]
      * New upstream release.
      * Drop CVE-2015-8557.patch, applied upstream.
      * Disable two tests that need example files, again.
      * Stop setting PYTHONWARNINGS=d when running the autopkgtests, that
        breaks the cmdline test which checks that process stderr is empty.
    
      [ Piotr Ożarowski ]
      * Remove /etc/bash_completion.d/pygmentize conffile in maintainer scripts
        (closes: #810661)
    
     -- Dmitry Shachnev <email address hidden>  Mon, 25 Jan 2016 18:04:14 +0300
  • pygments (2.0.1+dfsg-2ubuntu1) xenial; urgency=medium
    
      * Merged from Debian. Remaining changes:
        - debian/tests/python*-pygments: Disable two tests that need example
          files, again.
    
    pygments (2.0.1+dfsg-2) unstable; urgency=high
    
      [ Salvatore Bonaccorso ]
      * Add CVE-2015-8557.patch patch.
        CVE-2015-8557: Shell injection in FontManager._get_nix_font_path.
        (Closes: #802828)
    
      [ Piotr Ożarowski ]
      * debian/watch: use pypi.debian.net redirector
      * install pygmentize's bash completion to
        /usr/share/bash-completion/completions
    
     -- Marc Deslauriers <email address hidden>  Fri, 22 Jan 2016 13:12:59 -0500
  • pygments (2.0.1+dfsg-1.1ubuntu1) xenial; urgency=medium
    
      * SECURITY UPDATE: shell injection via font path
        - debian/patches/CVE-2015-8557.patch: use subprocess in
          pygments/formatters/img.py.
        - CVE-2015-8557
    
     -- Marc Deslauriers <email address hidden>  Fri, 18 Dec 2015 10:25:43 -0500
  • pygments (2.0.1+dfsg-1.1svn1) wily; urgency=medium
    
      * Disable two tests that need example files, again.
    
     -- Dmitry Shachnev <email address hidden>  Tue, 28 Jul 2015 22:29:07 +0300