Control: fixed -1 0.23.4-1

On Fri, 04 Mar 2022 11:46:39 +0000 Neil Williams <codeh...@debian.org> wrote:
> CVE-2022-24724[0]:
| cmark-gfm is GitHub's extended version of the C reference
| implementation of CommonMark. Prior to versions 0.29.0.gfm.3 and
| 0.28.3.gfm.21, an integer overflow in cmark-gfm's table row parsing
| `table.c:row_from_string` may lead to heap memory corruption when
| parsing tables whose marker rows contain more than UINT16_MAX columns.
| The impact of this heap corruption ranges from Information Leak to
| Arbitrary Code Execution depending on how and where `cmark-gfm` is
| used. If `cmark-gfm` is used for rendering remote user controlled
| markdown, this vulnerability may lead to Remote Code Execution (RCE)
| in applications employing affected versions of the `cmark-gfm`
| library. This vulnerability has been patched in the following
| cmark-gfm versions 0.29.0.gfm.3 and 0.28.3.gfm.21. A workaround is
| available. The vulnerability exists in the table markdown extensions
| of cmark-gfm. Disabling the table extension will prevent this
| vulnerability from being triggered.
This should have been fixed with https://github.com/gjtorikian/commonmarker/commit/3c2a8cce46f1aa610f47c7187e093f650d7a3eb3 which is included in 0.23.4.
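An added illustration, not code from this bug report, the CVE text or cmark-gfm itself: a stand-alone column counter for a table marker row that refuses rows with more than UINT16_MAX cells instead of narrowing the count, placed next to the 16-bit narrowing that the advisory describes. The function names, the simplified cell rules and the "|---" row builder are assumptions made for this example.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Count the cells of a GFM table marker row such as "| --- | :-: | --- |".
 * Cells are split by unescaped '|'; outer pipes are optional and empty cells
 * are not counted (a simplification of the real parser). Returns 0 and stores
 * the count, or -1 when the row has more cells than a uint16_t can hold. */
int count_marker_columns(const char *row, size_t len, size_t *out) {
    size_t cells = 0;
    int in_cell = 0;
    for (size_t i = 0; i < len; i++) {
        char c = row[i];
        if (c == '\\' && i + 1 < len) { i++; in_cell = 1; continue; } /* "\|" is cell text */
        if (c == '|') {
            if (in_cell) cells++;
            in_cell = 0;
        } else if (c != ' ' && c != '\t' && c != '\n') {
            in_cell = 1;
        }
    }
    if (in_cell) cells++;
    if (cells > UINT16_MAX) return -1;   /* refuse the row instead of narrowing */
    *out = cells;
    return 0;
}

/* The unsafe alternative: a 16-bit column count wraps at 65536, so later code sees far fewer cells. */
uint16_t narrowed_count(size_t cells) { return (uint16_t)cells; }

/* Build a constructed marker row of n cells: "|---" repeated n times, then "|". */
char *make_marker_row(size_t n, size_t *len) {
    char *buf = malloc(n * 4 + 2), *p = buf;
    if (!buf) return NULL;
    for (size_t i = 0; i < n; i++) { memcpy(p, "|---", 4); p += 4; }
    *p++ = '|'; *p = '\0';
    *len = (size_t)(p - buf);
    return buf;
}

/* Count a constructed n-cell row and free it; -2 on allocation failure. */
int check_constructed_row(size_t n, size_t *out) {
    size_t len;
    char *row = make_marker_row(n, &len);
    if (!row) return -2;
    int rc = count_marker_columns(row, len, out);
    free(row);
    return rc;
}
```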