[USN-7128-1] Pygments vulnerability

-----BEGIN PGP SIGNATURE-----

wsF5BAABCAAjFiEELOLXZEFYQHcSWEHiyfW2m9Ldu6sFAmdF8BYFAwAAAAAACgkQyfW2m9Ldu6vi
zQ//R5MPHwEFXws3odA9q/x3M+oHXZY7bQoghlcYv2hNm4Yuv/ocVT4XhlxPIvKnHuD6h4urn0QL
m1XMNF5ZYSAiayD1ra9lXWk6jB2CAqPWOkHxSFXMqzVhznCv9wpTSSSY/WHTtuieLNezBKVe2z8C
UYPCibXF1LrxRrcQQ7cgsbEpLXpr2S8HgdmBwJ6Umj3oVUE8bzNqgVs7Rbr9lduk/s/9OCNiYC79
5cAnQgyQHyugcJELbGR4gtzCsKYLGihgCndz0X1+TDDgrjQKNKVjnmxiJ3qD6+vuzdN0nsRONVEh
O+6wPnMgxnsc23xUhauZyiNUwqJRQXnXc+N4Y3RFUEsT5LAIeC6AnQNBjZYt/h7Fh3dGdlfXmNse
buXjNm/ZAyBP92A3OrXJik+DQiiP00wOapcdrGhMu9Ih5udTQF+nxU/s5DvmK3IyMeAdTt+k9QJN
NFJiUt3WPeKt5nrQOfTrpBYhIUDyEWk7S6zZAI3pk4mlrimlmMCsZkLRl2pUvBl40uuPlgA/PlnE
sRbFx9ntE494zQoBnAsALyx8vo+MzwJceBheu3eSojoRzQAKotxCQ2if7ENOsdsDq+Aq7NZHUaM5
addV/kJUzEfIsCGuF6voKgCqrPiWUzlVbkKbcL5CVx6uMhFEKLWabu6lNZmGP3WPmzTPhDtmFrBu
1NU=
=EhIE
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7128-1
November 26, 2024

pygments vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Pygments could be made to crash if it received specially crafted input.

Software Description:
- pygments: Generic syntax highlighter

Details:

Sebastian Chnelik discovered that Pygments had an inefficient regex query
for analyzing certain inputs. An attacker could possibly use this issue to
cause a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
  python3-pygments                2.11.2+dfsg-2ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7128-1
  CVE-2022-40896

Package Information:
https://launchpad.net/ubuntu/+source/pygments/2.11.2+dfsg-2ubuntu0.1