Security update for python-markdown2
This update for python-markdown2 fixes the following issues:
Update to 2.4.0 (boo#1181270):
- [pull #377] Fixed bug breaking strings elements in metadata lists
- [pull #380] When rendering fenced code blocks, also add the
language-LANG class
- [pull #387] Regex DoS fixes (CVE-2021-26813, boo#1183171)
- Switch off failing tests (gh#trentm/python-markdown2#388),
ignore failing test suite.
update to 2.3.9:
- [pull #335] Added header support for wiki tables
- [pull #336] Reset _toc when convert is run
- [pull #353] XSS fix
- [pull #350] XSS fix
- Add patch to fix unsanitized input for cross-site scripting (boo#1171379)
-
Submitted by
Dirk Mueller (dirkmueller)
Fixed bugs
bnc#1171379
VUL-0: CVE-2020-11888: python-markdown2: Unsanitized input allows for cross-site scripting (XSS)
bnc#1183171
VUL-0: CVE-2021-26813: python-markdown2: Regular expression denial of service
bnc#1181270
python: 15 python packages fail to build in openSUSE:Backports
