{"affected":[{"ecosystem_specific":{"binaries":[{"python2-markdown2":"2.4.0-bp152.2.4.1","python3-markdown2":"2.4.0-bp152.2.4.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP2","name":"python-markdown2","purl":"pkg:rpm/suse/python-markdown2&distro=SUSE%20Package%20Hub%2015%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.4.0-bp152.2.4.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for python-markdown2 fixes the following issues:\n\nUpdate to 2.4.0 (boo#1181270):\n\n  - [pull #377] Fixed bug breaking strings elements in metadata lists\n  - [pull #380] When rendering fenced code blocks, also add the\n    language-LANG class\n  - [pull #387] Regex DoS fixes (CVE-2021-26813, boo#1183171)\n\n- Switch off failing tests (gh#trentm/python-markdown2#388),\n  ignore failing test suite.\n\nupdate to 2.3.9:\n\n  - [pull #335] Added header support for wiki tables\n  - [pull #336] Reset _toc when convert is run\n  - [pull #353] XSS fix\n  - [pull #350] XSS fix\n\n- Add patch to fix unsanitized input for cross-site scripting (boo#1171379)\n\nThis update was imported from the openSUSE:Leap:15.2:Update update project.","id":"openSUSE-SU-2021:0451-1","modified":"2021-03-19T23:06:22Z","published":"2021-03-19T23:06:22Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4AZ6CPAAHWZ74LZWHDSAXWA6O2HYCKU3/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1171379"},{"type":"REPORT","url":"https://bugzilla.suse.com/1181270"},{"type":"REPORT","url":"https://bugzilla.suse.com/1183171"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-26813"}],"related":["CVE-2021-26813"],"summary":"Security update for python-markdown2","upstream":["CVE-2021-26813"]}