[ALSA-2025:8427] Moderate: pandoc security update
Type:
security
Severity:
moderate
Release date:
2025-07-02
Description:
Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. It can read several dialects of Markdown and (subsets of) HTML, reStructuredText, LaTeX, DocBook, JATS, MediaWiki markup, TWiki markup, TikiWiki markup, Creole 1.0, Haddock markup, OPML, Emacs Org-Mode, Emacs Muse, txt2tags, Vimwiki, Word Docx, ODT, and Textile, and it can write Markdown, reStructuredText, XHTML, HTML 5, LaTeX, ConTeXt, DocBook, JATS, OPML, TEI, OpenDocument, ODT, Word docx, RTF, MediaWiki, DokuWiki, ZimWiki, Textile, groff man, groff ms, plain text, Emacs Org-Mode, AsciiDoc, Haddock markup, EPUB (v2 and v3), FictionBook2, InDesign ICML, Muse, LaTeX beamer slides, PowerPoint, and several kinds of HTML/JavaScript slide shows (S5, Slidy, Slideous, DZSlides, reveal.js). In contrast to most existing tools for converting Markdown to HTML, pandoc has a modular design: it consists of a set of readers, which parse text in a given format and produce a native representation of the document, and a set of writers, which convert this native representation into a target format. Thus, adding an input or output format requires only adding a reader or writer. For pdf output please also install pandoc-pdf. Security Fix(es): * cmark-gfm: Quadratic complexity bugs may lead to a denial of service (CVE-2023-24824) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 pandoc-2.0.6-7.el8_10.aarch64.rpm 9c510b86ae3970f0f4c9b754055001fa2c2d73a1362e887d6dfcd24efc7d6360
noarch pandoc-common-2.0.6-7.el8_10.noarch.rpm 28442aefc88745fe955361b1aad57f3548d2c9ef3d8cf738eca22a80abad55a2
ppc64le pandoc-2.0.6-7.el8_10.ppc64le.rpm 61340267a7886eb34d0cc62b5ccc690424e076410b12c4a7ba058635a394aaf9
s390x pandoc-2.0.6-7.el8_10.s390x.rpm f8fc98244e5f4b70f072f19e706278705f90049812d135e638e019d15b17a91e
x86_64 pandoc-2.0.6-7.el8_10.x86_64.rpm 75e3a5476ef40be2b884db0603cf83809e9d9053c2e4f2a15fbc8898d1a47682
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.