Debian 10265 Published by

A pygments security update has been released for Debian GNU/Linux 8 Extended LTS to address a CPU exhaustion attack vulnerability.



ELA-377-1 pygments security update

Package pygments
Version 2.0.1+dfsg-1.1+deb8u2
Related CVEs CVE-2021-20270

It was found that pygments, a generic syntax highlighter, is vulnerable to a CPU exhaustion attack via a crafted SML file.

For Debian 8 jessie, these problems have been fixed in version 2.0.1+dfsg-1.1+deb8u2.

We recommend that you upgrade your pygments packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/

  ELA-377-1 pygments security update