[USN-4562-2] kramdown vulnerability
mike.salvatore at canonical.com
Mon Oct 26 20:38:27 UTC 2020
Ubuntu Security Notice USN-4562-2
October 26, 2020
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.10
kramdown could be made to crash, run programs, or leak sensitive information if
it opened a specially crafted file.
- ruby-kramdown: Fast, pure-Ruby Markdown-superset converter - ruby library
It was discovered that kramdown insecurely handled certain crafted input. An
attacker could use this vulnerability to read restricted files or execute
The problem can be corrected by updating your system to the following
In general, a standard system update will make all the necessary changes.
More information about the ubuntu-security-announce