0days-in-the-wild
0days-in-the-wild copied to clipboard
googleprojectzero
Bump commonmarker from 0.23.4 to 0.23.10
Bumps commonmarker from 0.23.4 to 0.23.10.
Release notes
Sourced from commonmarker's releases.
v0.23.10
What's Changed
- Update to 0.29.0.gfm.13 by
@anticomputerin gjtorikian/commonmarker#247Full Changelog: https://github.com/gjtorikian/commonmarker/compare/v0.23.9...v0.23.10
v0.23.9
What's Changed
- Update to 0.29.0.gfm.11 by
@anticomputerin gjtorikian/commonmarker#236Full Changelog: https://github.com/gjtorikian/commonmarker/compare/v0.23.8...v0.23.9
v0.23.8
What's Changed
- Update cmark-upstream to
0.29.0.gfm.9by@smocklein gjtorikian/commonmarker#227New Contributors
@smocklemade their first contribution in gjtorikian/commonmarker#227Full Changelog: https://github.com/gjtorikian/commonmarker/compare/v0.23.7...v0.23.8
v0.23.7
What's Changed
- C API stable test by
@gjtorikianin gjtorikian/commonmarker#201- Update to 29.0.gfm.7 by
@anticomputerin gjtorikian/commonmarker#224Full Changelog: https://github.com/gjtorikian/commonmarker/compare/v0.23.6...v0.23.7
v0.23.7.pre1
What's Changed
- C API stable test by
@gjtorikianin gjtorikian/commonmarker#201Full Changelog: https://github.com/gjtorikian/commonmarker/compare/v0.23.6...v0.23.7.pre1
v0.23.6
What's Changed
This release includes two updates from the upstream
cmark-gfmlibrary, namely:
Changelog
Sourced from commonmarker's changelog.
[v0.23.10] (2023-07-31)
- Update GFM release to
0.29.0.gfm.12and0.29.0.gfm.13, thereby fixing a polynomial time complexity security vulnerability.- Of note to users of this library, GFM releases
0.29.0.gfm.12and0.29.0.gfm.13also:
Commits
db8cd37Merge pull request #247 from anticomputer/update-to-0.29.0.gfm.13e1e450c:gem: release 0.23.1008b7c4bUpdate cmark-upstream to https://github.com/github/cmark-gfm/commit/587a12bb5...d0e81e2I've used this version of the update_submodules script for several releases, ...42cfc90Merge pull request #236 from anticomputer/update-to-0.29.0.gfm.10d793fbfUpdate cmark-upstream to https://github.com/github/cmark-gfm/commit/1e230827a...4e4588fUpdate Makefile for export header consolidation2eb8ca8Update cmark-upstream to https://github.com/github/cmark-gfm/commit/c8dcdc71c...bbb49dbHtmlRenderer: don't nest <strong>f303e6b:gem: release 0.23.9- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebasewill rebase this PR -
@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it -
@dependabot mergewill merge this PR after your CI passes on it -
@dependabot squash and mergewill squash and merge this PR after your CI passes on it -
@dependabot cancel mergewill cancel a previously requested merge and block automerging -
@dependabot reopenwill reopen this PR if it is closed -
@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency -
@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "Published by a pub.dev verified publisher"){kind=small}