UbuntuUpdates.org

Package "pygments"

Name: pygments

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • syntax highlighting package written in Python 3

Latest version: 2.3.1+dfsg-1ubuntu2.2
Release: focal (20.04)
Level: security
Repository: main

Links



Other versions of "pygments" in Focal

Repository Area Version
base universe 2.3.1+dfsg-1ubuntu2
base main 2.3.1+dfsg-1ubuntu2
security universe 2.3.1+dfsg-1ubuntu2.2
updates main 2.3.1+dfsg-1ubuntu2.2
updates universe 2.3.1+dfsg-1ubuntu2.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.3.1+dfsg-1ubuntu2.2 2021-03-31 12:06:21 UTC

  pygments (2.3.1+dfsg-1ubuntu2.2) focal-security; urgency=medium

  * SECURITY UPDATE: more denial of service issues in regular expressions
    - debian/patches/CVE-2021-27291.patch: fix several exponential/cubic
      complexity regexes in pygments/lexers/archetype.py,
      pygments/lexers/factor.py, pygments/lexers/jvm.py,
      pygments/lexers/matlab.py, pygments/lexers/objective.py,
      pygments/lexers/templates.py, pygments/lexers/varnish.py.
    - CVE-2021-27291

 -- Marc Deslauriers <email address hidden> Mon, 29 Mar 2021 10:58:36 -0400

Source diff to previous version
CVE-2021-27291 In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions

Version: 2.3.1+dfsg-1ubuntu2.1 2021-03-22 15:07:25 UTC

  pygments (2.3.1+dfsg-1ubuntu2.1) focal-security; urgency=medium

  * SECURITY UPDATE: Infinite loop in SMLLexer leads to denial of service
    - debian/patches/CVE-2021-20270.patch: fix infinite loop in
      pygments/lexers/ml.py.
    - CVE-2021-20270

 -- Marc Deslauriers <email address hidden> Mon, 15 Mar 2021 09:35:08 -0400




About   -   Send Feedback to @ubuntu_updates