[SECURITY] [DLA 2590-1] pygments security update

[Emilio Pozuelo Monfort <pochu@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2590-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
March 12, 2021                                https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : pygments
Version        : 2.2.0+dfsg-1+deb9u1
CVE ID         : CVE-2021-20270
Debian Bug     : 984664

It was found that pygments, a generic syntax highlighter, is vulnerable
to a CPU exhaustion attack via a crafted SML file.

For Debian 9 stretch, this problem has been fixed in version
2.2.0+dfsg-1+deb9u1.

We recommend that you upgrade your pygments packages.

For the detailed security status of pygments please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/pygments

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmBLPa8ACgkQnUbEiOQ2
gwLrxBAAxvN2eA4iGOn/8xzpl8m19UxUDSZZ9FZbDsXCOs1jRlgswAaro8IJ1gLd
Xnyu2uw/QBI2JIeF/P3VUUd5xh2G4H2sG5Szg0WYXsIt+GDRwugO0fVFEhOz76uB
IJIrroDTZFLrJfKbJMnoCmGnCtvgdpcnaxc95gTFAmbBLbG3bFzBF3bIHuPTvL8v
hSe+hQQA5npZ93lhppxi14ChNeEWMuRk5GYro7+2A5D0xp95Yir0IhlSTq3f0D4/
YAeppGnO2Aqwa3neqA7COVBID3P1hPvvjvBrsxgle/EsdRH05oGIAH8it6b+boP2
iluFm6gMMEahCM1GGMrFff3/DhuvhYgDyOAOVIXBCato7YGdJW4VGkphGtpe/6ZN
O2BCkSpkpdZe27ym4FCVXmJe53cUlSEXHKHGeGjyUHV1aba5WADss7Z0+4n7WXIA
BdIgMamlBTVc8CAApkwvfOS6SRCrSV1cyPwl5+KI3Szr9FUC2fejw4OHfFdOktk3
cZzS2IkiPGTJH6wXGjAL51BkeKD35smZWXDHMS6D+2dYroYv5ePnZiGq64FB9uFq
yr6JRsrzGcPLH8rK9VzDIqTYM2pwy35B/u2j++k5ZSNPs7HA8BVg8Q2qJPvYXKkP
9JLD00YphH4RJO2Jzdnc8UGMYGg1HUupJdUb8bmeBzEJGOXHmNc=
=A3XZ
-----END PGP SIGNATURE-----