Summary: | dev-python/nbconvert: arbitrary html injection | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | CONFIRMED --- | ||
Severity: | minor | CC: | arthurzam, python, sci |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/jupyter/nbconvert/security/advisories/GHSA-9jmq-rx5f-8jwq | ||
Whiteboard: | B4 [??] | ||
Package list: | Runtime testing required: | --- |
Description
John Helmert III
2022-08-18 21:37:58 UTC
The current smallest version of nbconvert is 6.5.0-r1, so I don't think there is a need for an action? I couldn't verify the fixes were in the release that the advisory alleges, so we need to verify the advisory is correct. |