Описание
Security update for ghc-pandoc
This update for ghc-pandoc fixes the following issues:
- CVE-2024-38526: Fixed Polyfill Supply Chain Attack (bsc#1227690).
Список пакетов
SUSE Linux Enterprise Module for Package Hub 15 SP6
ghc-pandoc-3.1.11.1-150500.11.6.1
ghc-pandoc-devel-3.1.11.1-150500.11.6.1
SUSE Linux Enterprise Module for Package Hub 15 SP7
ghc-pandoc-3.1.11.1-150500.11.6.1
ghc-pandoc-devel-3.1.11.1-150500.11.6.1
openSUSE Leap 15.6
ghc-pandoc-3.1.11.1-150500.11.6.1
ghc-pandoc-devel-3.1.11.1-150500.11.6.1
Ссылки
- Link for SUSE-SU-2025:02037-1
- E-Mail link for SUSE-SU-2025:02037-1
- SUSE Security Ratings
- SUSE Bug 1227690
- SUSE CVE CVE-2024-38526 page
Описание
pdoc provides API Documentation for Python Projects. Documentation generated with `pdoc --math` linked to JavaScript files from polyfill.io. The polyfill.io CDN has been sold and now serves malicious code. This issue has been fixed in pdoc 14.5.1.
Затронутые продукты
SUSE Linux Enterprise Module for Package Hub 15 SP6:ghc-pandoc-3.1.11.1-150500.11.6.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:ghc-pandoc-devel-3.1.11.1-150500.11.6.1
SUSE Linux Enterprise Module for Package Hub 15 SP7:ghc-pandoc-3.1.11.1-150500.11.6.1
SUSE Linux Enterprise Module for Package Hub 15 SP7:ghc-pandoc-devel-3.1.11.1-150500.11.6.1
Ссылки
- CVE-2024-38526
- SUSE Bug 1227659