Advisories » MGASA-2024-0107

Updated python-pygments packages fix security vulnerability

Publication date: 04 Apr 2024
Modification date: 04 Apr 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2022-40896

Description

A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments
through 2.15.0 via SmithyLexer.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=33030
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZGMXALE3HSP4OXC7UUWIKX3OXKZDTY3/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40896

SRPMS

9/core

• python-pygments-2.15.1-1.mga9