Fedora Core 10 FEDORA-2009-10377 (python-markdown2)

Summary
The remote host is missing an update to python-markdown2 announced via advisory FEDORA-2009-10377.
Solution
Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update python-markdown2' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-10377
Insight
This is a fast and complete Python implementation of the Markdown spec. For information about markdown itself, see http://daringfireball.net/projects/markdown/ Update Information: Update from 1.0.1.11 to 1.0.1.15, which fixes some issues, including these two security-related bugs: - [Issue 30] Fix a possible XSS via JavaScript injection in a carefully crafted image reference (usage of double-quotes in the URL). - [Issue 29] Fix security hole in the md5-hashing scheme for handling HTML chunks during processing. See http://code.google.com/p/python-markdown2/source/browse/trunk/CHANGES.txt for the full changelog. ChangeLog: * Thu Oct 8 2009 Thomas Moschny - 1.0.1.15-1 - Update to 1.0.1.15. Fixes three issues, two of them being security-related.