rebuild with ghc-cmark-gfm-0.2.6 for various security fixes
see https://github.com/github/cmark-gfm/security for the full list (Sep 2022 to July 2023), including: Resolves: CVE-2023-24824 Resolves: CVE-2023-26485 Resolves: RHEL-83922
This commit is contained in:
parent
4518e04b64
commit
a30e31f437
10
pandoc.spec
10
pandoc.spec
@ -11,7 +11,7 @@
|
||||
|
||||
Name: %{pkg_name}
|
||||
Version: 2.0.6
|
||||
Release: 6%{?dist}
|
||||
Release: 7%{?dist}
|
||||
Summary: Conversion between markup formats
|
||||
|
||||
License: GPLv2+
|
||||
@ -209,6 +209,14 @@ install -m 0644 -p -D man/pandoc.1 %{buildroot}%{_mandir}/man1/pandoc.1
|
||||
|
||||
|
||||
%changelog
|
||||
* Mon Mar 17 2025 Jens Petersen <petersen@redhat.com> - 2.0.6-7
|
||||
- rebuild with ghc-cmark-gfm-0.2.6 for various security fixes,
|
||||
see https://github.com/github/cmark-gfm/security for the full list
|
||||
(Sep 2022 to July 2023), including:
|
||||
- Resolves: CVE-2023-24824
|
||||
- Resolves: CVE-2023-26485
|
||||
- Resolves: RHEL-83922
|
||||
|
||||
* Thu Apr 14 2022 Jens Petersen <petersen@redhat.com> - 2.0.6-6
|
||||
- rebuild with ghc-cmark-gfm-0.2.3 for CVE-2022-24724 (#2060667)
|
||||
- https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x
|
||||
|
||||
18
rpminspect.yaml
Normal file
18
rpminspect.yaml
Normal file
@ -0,0 +1,18 @@
|
||||
---
|
||||
xml:
|
||||
# the rendering of libraries source code has anchors with
|
||||
ignore:
|
||||
- "/usr/share/pandoc-*/data/templates/*"
|
||||
|
||||
elf:
|
||||
# 14 libs for base, rts, & unix have objects built without -fPIC on x86_64.
|
||||
# ghc's runtime has this intentionally for performance optimization.
|
||||
ignore:
|
||||
- "/usr/lib64/ghc-*/*/libHS*.a"
|
||||
|
||||
runpath:
|
||||
# Technically the /usr/lib64 one should be fixed in the build, but
|
||||
# the other one should be allowed for the ghc ecosystem.
|
||||
allowed_paths:
|
||||
- /usr/lib64
|
||||
- /usr/lib64/ghc-8.8.4/rts
|
||||
Loading…
Reference in New Issue
Block a user