Roundup Tracker - Issues

Issue 2551198

classification
mistune 2.0 support
Type: rfe Severity: normal
Components: Web interface Versions:
process
Status: new
:
: : rouilj
Priority: :

Created on 2022-04-05 02:51 by rouilj, last changed 2022-09-01 20:23 by rouilj.

Messages
msg7465 Author: [hidden] (rouilj) Date: 2022-04-05 02:51 
Only mistume 1.x is supported. Mistune 2.0 support wasn't straight forward.
I opened a ticket with mistune and they just responded.

https://github.com/lepture/mistune/issues/290#issuecomment-1086333175

so incorporate their changes into the code base.
msg7641 Author: [hidden] (rouilj) Date: 2022-09-01 20:23 
Also 0.8.4 which is the version supported has a CVE against it.

https://nvd.nist.gov/vuln/detail/CVE-2022-34749

its a DOS caused by regexp backtracking in inline formatting.

fixed in 2.2.0.
History
Date User Action Args
2022-09-01 20:23:47rouiljsetmessages: + msg7641
2022-04-05 02:51:26rouiljcreate

Supported by The Python Software Foundation,
Powered by Roundup

Last modified: Fri Feb 28 22:02:04 EST 2020