ANN: pandoc 3.1.6 - John MacFarlane

public inbox archive for pandoc-discuss@googlegroups.com
 help / color / mirror / Atom feed

From: John MacFarlane <fiddlosopher-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
To: pandoc-discuss-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org,
	pandoc-announce-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
Subject: ANN: pandoc 3.1.6
Date: Fri, 21 Jul 2023 08:40:31 -0700	[thread overview]
Message-ID: <4132D474-75DB-4CBD-B95C-284D153BD056@gmail.com> (raw)

I'm pleased to announce the release of pandoc 3.1.6,
available in the usual places:

Binary packages & changelog:
https://github.com/jgm/pandoc/releases/tag/3.1.6

Source & API documentation:
http://hackage.haskell.org/package/pandoc-3.1.6

Changes of note:

This release fixes a new variant of the vulnerability described in
CVE-2023-35936. Guilhem Moulin noticed that the fix in 3.1.4 to
CVE-2023-35936 was incomplete. An attacker could get around it by
double-encoding the malicious extension to create or override
arbitrary files.

A regression on short boolean arguments has also been fixed.
In 3.1.5 boolean arguments were allowed an optional argument
(`true|false`). This broke the ability to used fused short
arguments, e.g. '-somyfile.html' == '-s -o myfile.html'.  This
commit restores that while keeping support for optional boolean
arguments.

--embed-resources now uses inline SVG instead of data URIs for SVG
images in HTML5.

The docx reader will now use the SVG version of an image if present
rather than the PNG fallback.

The typst reader fixes a regression in recognition of display math
and has many bug fixes from improvements in typst-hs.

Release binaries are now compiled on ghc 9.2, since compiling on 9.4
led to "illegal instruction" errors on some older hardware.
(The cause of this is still not clear, but the change seems to
have fixed the problem.)

See the changelog for other changes and fuller details.

                 reply	other threads:[~2023-07-21 15:40 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4132D474-75DB-4CBD-B95C-284D153BD056@gmail.com \
    --to=fiddlosopher-re5jqeeqqe8avxtiumwx3w@public.gmane.org \
    --cc=pandoc-announce-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org \
    --cc=pandoc-discuss-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).