-
pygments (2.1+dfsg-1ubuntu0.2) xenial-security; urgency=medium
* SECURITY UPDATE: more denial of service issues in regular expressions
- debian/patches/CVE-2021-27291.patch: fix several exponential/cubic
complexity regexes in pygments/lexers/archetype.py,
pygments/lexers/factor.py, pygments/lexers/jvm.py,
pygments/lexers/matlab.py, pygments/lexers/objective.py,
pygments/lexers/templates.py.
- CVE-2021-27291
-- Marc Deslauriers <email address hidden> Mon, 29 Mar 2021 10:59:42 -0400
-
pygments (2.1+dfsg-1ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: Infinite loop in SMLLexer leads to denial of service
- debian/patches/CVE-2021-20270.patch: fix infinite loop in
pygments/lexers/ml.py.
- CVE-2021-20270
-- Marc Deslauriers <email address hidden> Mon, 15 Mar 2021 09:38:31 -0400
-
pygments (2.1+dfsg-1) unstable; urgency=medium
[ Dmitry Shachnev ]
* New upstream release.
* Drop CVE-2015-8557.patch, applied upstream.
* Disable two tests that need example files, again.
* Stop setting PYTHONWARNINGS=d when running the autopkgtests, that
breaks the cmdline test which checks that process stderr is empty.
[ Piotr Ożarowski ]
* Remove /etc/bash_completion.d/pygmentize conffile in maintainer scripts
(closes: #810661)
-- Dmitry Shachnev <email address hidden> Mon, 25 Jan 2016 18:04:14 +0300
-
pygments (2.0.1+dfsg-2ubuntu1) xenial; urgency=medium
* Merged from Debian. Remaining changes:
- debian/tests/python*-pygments: Disable two tests that need example
files, again.
pygments (2.0.1+dfsg-2) unstable; urgency=high
[ Salvatore Bonaccorso ]
* Add CVE-2015-8557.patch patch.
CVE-2015-8557: Shell injection in FontManager._get_nix_font_path.
(Closes: #802828)
[ Piotr Ożarowski ]
* debian/watch: use pypi.debian.net redirector
* install pygmentize's bash completion to
/usr/share/bash-completion/completions
-- Marc Deslauriers <email address hidden> Fri, 22 Jan 2016 13:12:59 -0500
-
pygments (2.0.1+dfsg-1.1ubuntu1) xenial; urgency=medium
* SECURITY UPDATE: shell injection via font path
- debian/patches/CVE-2015-8557.patch: use subprocess in
pygments/formatters/img.py.
- CVE-2015-8557
-- Marc Deslauriers <email address hidden> Fri, 18 Dec 2015 10:25:43 -0500
-
pygments (2.0.1+dfsg-1.1svn1) wily; urgency=medium
* Disable two tests that need example files, again.
-- Dmitry Shachnev <email address hidden> Tue, 28 Jul 2015 22:29:07 +0300