Red Hat Product Errata RHSA-2021:1972 - Security Advisory
Issued:
2021-05-18
Updated:
2021-05-18

RHSA-2021:1972 - Security Advisory

Synopsis

Moderate: pandoc security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for pandoc is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library.

Security Fix(es):

  • cmark-gfm: Exponential time to parse certain inputs could lead to DoS (CVE-2020-5238)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat CodeReady Linux Builder for x86_64 8 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
  • Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.8 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.8 ppc64le
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4 ppc64le
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.8 s390x
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.4 s390x
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.8 aarch64
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6 aarch64
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4 aarch64

Fixes

  • BZ - 1854328 - CVE-2020-5238 cmark-gfm: Exponential time to parse certain inputs could lead to DoS

Red Hat CodeReady Linux Builder for x86_64 8

SRPM
pandoc-2.0.6-5.el8.src.rpm SHA-256: 9ff3dd6cda6b03b6fd6857875ce50a74bdccae05c7ae4630afd4924fe6d426f2
x86_64
pandoc-2.0.6-5.el8.x86_64.rpm SHA-256: b0443ffce1aee302d73a33a8468538f475f7bba592c2c1b082ff732923aa8d11
pandoc-common-2.0.6-5.el8.noarch.rpm SHA-256: ed0c19ec19cf70ebe2a27eb3c20c373a603c63635ccb37494466c81d6ef6a82f

Red Hat CodeReady Linux Builder for Power, little endian 8

SRPM
pandoc-2.0.6-5.el8.src.rpm SHA-256: 9ff3dd6cda6b03b6fd6857875ce50a74bdccae05c7ae4630afd4924fe6d426f2
ppc64le
pandoc-2.0.6-5.el8.ppc64le.rpm SHA-256: 7602e9bf275a1aeb0230f73f50a1d9d92d8235ab4ad0df9f052fb6e7727df808
pandoc-common-2.0.6-5.el8.noarch.rpm SHA-256: ed0c19ec19cf70ebe2a27eb3c20c373a603c63635ccb37494466c81d6ef6a82f

Red Hat CodeReady Linux Builder for ARM 64 8

SRPM
pandoc-2.0.6-5.el8.src.rpm SHA-256: 9ff3dd6cda6b03b6fd6857875ce50a74bdccae05c7ae4630afd4924fe6d426f2
aarch64
pandoc-2.0.6-5.el8.aarch64.rpm SHA-256: e721b1f9150cebd8bf3af35e24aa4c9bdce5bdbc051ff6b7f1ba37d92243df54
pandoc-common-2.0.6-5.el8.noarch.rpm SHA-256: ed0c19ec19cf70ebe2a27eb3c20c373a603c63635ccb37494466c81d6ef6a82f

Red Hat CodeReady Linux Builder for IBM z Systems 8

SRPM
pandoc-2.0.6-5.el8.src.rpm SHA-256: 9ff3dd6cda6b03b6fd6857875ce50a74bdccae05c7ae4630afd4924fe6d426f2
s390x
pandoc-2.0.6-5.el8.s390x.rpm SHA-256: 4628282aa45e4ad7c2d4f77c7e4d8c804f6129f583ecd2ee4e2f3acc0e8676a4
pandoc-common-2.0.6-5.el8.noarch.rpm SHA-256: ed0c19ec19cf70ebe2a27eb3c20c373a603c63635ccb37494466c81d6ef6a82f

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.8

SRPM
pandoc-2.0.6-5.el8.src.rpm SHA-256: 9ff3dd6cda6b03b6fd6857875ce50a74bdccae05c7ae4630afd4924fe6d426f2
x86_64
pandoc-2.0.6-5.el8.x86_64.rpm SHA-256: b0443ffce1aee302d73a33a8468538f475f7bba592c2c1b082ff732923aa8d11
pandoc-common-2.0.6-5.el8.noarch.rpm SHA-256: ed0c19ec19cf70ebe2a27eb3c20c373a603c63635ccb37494466c81d6ef6a82f

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6

SRPM
pandoc-2.0.6-5.el8.src.rpm SHA-256: 9ff3dd6cda6b03b6fd6857875ce50a74bdccae05c7ae4630afd4924fe6d426f2
x86_64
pandoc-2.0.6-5.el8.x86_64.rpm SHA-256: b0443ffce1aee302d73a33a8468538f475f7bba592c2c1b082ff732923aa8d11
pandoc-common-2.0.6-5.el8.noarch.rpm SHA-256: ed0c19ec19cf70ebe2a27eb3c20c373a603c63635ccb37494466c81d6ef6a82f

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4

SRPM
pandoc-2.0.6-5.el8.src.rpm SHA-256: 9ff3dd6cda6b03b6fd6857875ce50a74bdccae05c7ae4630afd4924fe6d426f2
x86_64
pandoc-2.0.6-5.el8.x86_64.rpm SHA-256: b0443ffce1aee302d73a33a8468538f475f7bba592c2c1b082ff732923aa8d11
pandoc-common-2.0.6-5.el8.noarch.rpm SHA-256: ed0c19ec19cf70ebe2a27eb3c20c373a603c63635ccb37494466c81d6ef6a82f

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.8

SRPM
pandoc-2.0.6-5.el8.src.rpm SHA-256: 9ff3dd6cda6b03b6fd6857875ce50a74bdccae05c7ae4630afd4924fe6d426f2
ppc64le
pandoc-2.0.6-5.el8.ppc64le.rpm SHA-256: 7602e9bf275a1aeb0230f73f50a1d9d92d8235ab4ad0df9f052fb6e7727df808
pandoc-common-2.0.6-5.el8.noarch.rpm SHA-256: ed0c19ec19cf70ebe2a27eb3c20c373a603c63635ccb37494466c81d6ef6a82f

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6

SRPM
pandoc-2.0.6-5.el8.src.rpm SHA-256: 9ff3dd6cda6b03b6fd6857875ce50a74bdccae05c7ae4630afd4924fe6d426f2
ppc64le
pandoc-2.0.6-5.el8.ppc64le.rpm SHA-256: 7602e9bf275a1aeb0230f73f50a1d9d92d8235ab4ad0df9f052fb6e7727df808
pandoc-common-2.0.6-5.el8.noarch.rpm SHA-256: ed0c19ec19cf70ebe2a27eb3c20c373a603c63635ccb37494466c81d6ef6a82f

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4

SRPM
pandoc-2.0.6-5.el8.src.rpm SHA-256: 9ff3dd6cda6b03b6fd6857875ce50a74bdccae05c7ae4630afd4924fe6d426f2
ppc64le
pandoc-2.0.6-5.el8.ppc64le.rpm SHA-256: 7602e9bf275a1aeb0230f73f50a1d9d92d8235ab4ad0df9f052fb6e7727df808
pandoc-common-2.0.6-5.el8.noarch.rpm SHA-256: ed0c19ec19cf70ebe2a27eb3c20c373a603c63635ccb37494466c81d6ef6a82f

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.8

SRPM
pandoc-2.0.6-5.el8.src.rpm SHA-256: 9ff3dd6cda6b03b6fd6857875ce50a74bdccae05c7ae4630afd4924fe6d426f2
s390x
pandoc-2.0.6-5.el8.s390x.rpm SHA-256: 4628282aa45e4ad7c2d4f77c7e4d8c804f6129f583ecd2ee4e2f3acc0e8676a4
pandoc-common-2.0.6-5.el8.noarch.rpm SHA-256: ed0c19ec19cf70ebe2a27eb3c20c373a603c63635ccb37494466c81d6ef6a82f

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6

SRPM
pandoc-2.0.6-5.el8.src.rpm SHA-256: 9ff3dd6cda6b03b6fd6857875ce50a74bdccae05c7ae4630afd4924fe6d426f2
s390x
pandoc-2.0.6-5.el8.s390x.rpm SHA-256: 4628282aa45e4ad7c2d4f77c7e4d8c804f6129f583ecd2ee4e2f3acc0e8676a4
pandoc-common-2.0.6-5.el8.noarch.rpm SHA-256: ed0c19ec19cf70ebe2a27eb3c20c373a603c63635ccb37494466c81d6ef6a82f

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.4

SRPM
pandoc-2.0.6-5.el8.src.rpm SHA-256: 9ff3dd6cda6b03b6fd6857875ce50a74bdccae05c7ae4630afd4924fe6d426f2
s390x
pandoc-2.0.6-5.el8.s390x.rpm SHA-256: 4628282aa45e4ad7c2d4f77c7e4d8c804f6129f583ecd2ee4e2f3acc0e8676a4
pandoc-common-2.0.6-5.el8.noarch.rpm SHA-256: ed0c19ec19cf70ebe2a27eb3c20c373a603c63635ccb37494466c81d6ef6a82f

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.8

SRPM
pandoc-2.0.6-5.el8.src.rpm SHA-256: 9ff3dd6cda6b03b6fd6857875ce50a74bdccae05c7ae4630afd4924fe6d426f2
aarch64
pandoc-2.0.6-5.el8.aarch64.rpm SHA-256: e721b1f9150cebd8bf3af35e24aa4c9bdce5bdbc051ff6b7f1ba37d92243df54
pandoc-common-2.0.6-5.el8.noarch.rpm SHA-256: ed0c19ec19cf70ebe2a27eb3c20c373a603c63635ccb37494466c81d6ef6a82f

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6

SRPM
pandoc-2.0.6-5.el8.src.rpm SHA-256: 9ff3dd6cda6b03b6fd6857875ce50a74bdccae05c7ae4630afd4924fe6d426f2
aarch64
pandoc-2.0.6-5.el8.aarch64.rpm SHA-256: e721b1f9150cebd8bf3af35e24aa4c9bdce5bdbc051ff6b7f1ba37d92243df54
pandoc-common-2.0.6-5.el8.noarch.rpm SHA-256: ed0c19ec19cf70ebe2a27eb3c20c373a603c63635ccb37494466c81d6ef6a82f

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4

SRPM
pandoc-2.0.6-5.el8.src.rpm SHA-256: 9ff3dd6cda6b03b6fd6857875ce50a74bdccae05c7ae4630afd4924fe6d426f2
aarch64
pandoc-2.0.6-5.el8.aarch64.rpm SHA-256: e721b1f9150cebd8bf3af35e24aa4c9bdce5bdbc051ff6b7f1ba37d92243df54
pandoc-common-2.0.6-5.el8.noarch.rpm SHA-256: ed0c19ec19cf70ebe2a27eb3c20c373a603c63635ccb37494466c81d6ef6a82f

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.