Skip to content

Upgrade mathjax version to 3.x to resolve ReDoS vulnerability from 2.7.9#1587

Merged
alexxu-amd merged 1 commit intodevelopfrom
alexxu12/mathjax
Dec 5, 2025
Merged

Upgrade mathjax version to 3.x to resolve ReDoS vulnerability from 2.7.9#1587
alexxu-amd merged 1 commit intodevelopfrom
alexxu12/mathjax

Conversation

@alexxu-amd
Copy link
Copy Markdown
Contributor

@alexxu-amd alexxu-amd commented Dec 5, 2025

Motivation

Technical Details

Test Plan

Test Result

Submission Checklist

@alexxu-amd alexxu-amd requested review from a team, kiritigowda and rrawther as code owners December 5, 2025 14:57
@alexxu-amd alexxu-amd merged commit b0e215d into develop Dec 5, 2025
6 checks passed
@alexxu-amd alexxu-amd deleted the alexxu12/mathjax branch December 5, 2025 15:00
alexxu-amd added a commit that referenced this pull request Dec 5, 2025
@alexxu-amd
upgrade mathjax version to 3.x to resolve a vulnerability (#1587)
3650053 
(cherry picked from commit b0e215d)
alexxu-amd added a commit that referenced this pull request Dec 5, 2025
@alexxu-amd
upgrade mathjax version to 3.x to resolve a vulnerability (#1587)
a2f582d 
(cherry picked from commit b0e215d)
alexxu-amd added a commit that referenced this pull request Dec 5, 2025
@alexxu-amd
upgrade mathjax version to 3.x to resolve a vulnerability (#1587)
018ab5a 
(cherry picked from commit b0e215d)
alexxu-amd added a commit that referenced this pull request Dec 5, 2025
@alexxu-amd
upgrade mathjax version to 3.x to resolve a vulnerability (#1587)
4847059 
(cherry picked from commit b0e215d)
alexxu-amd added a commit that referenced this pull request Dec 5, 2025
@alexxu-amd
upgrade mathjax version to 3.x to resolve a vulnerability (#1587)
88a0bb6 
(cherry picked from commit b0e215d)
alexxu-amd added a commit that referenced this pull request Dec 5, 2025
@alexxu-amd
upgrade mathjax version to 3.x to resolve a vulnerability (#1587)
6735fd0 
(cherry picked from commit b0e215d)
alexxu-amd added a commit that referenced this pull request Dec 5, 2025
@alexxu-amd
upgrade mathjax version to 3.x to resolve a vulnerability (#1587)
6963f48 
(cherry picked from commit b0e215d)
alexxu-amd added a commit that referenced this pull request Dec 5, 2025
@alexxu-amd
upgrade mathjax version to 3.x to resolve a vulnerability (#1587)
9812445 
(cherry picked from commit b0e215d)
alexxu-amd added a commit that referenced this pull request Dec 5, 2025
@alexxu-amd
upgrade mathjax version to 3.x to resolve a vulnerability (#1587)
6ce66ed 
(cherry picked from commit b0e215d)
alexxu-amd added a commit that referenced this pull request Dec 5, 2025
@alexxu-amd
upgrade mathjax version to 3.x to resolve a vulnerability (#1587)
acc5353 
(cherry picked from commit b0e215d)
alexxu-amd added a commit that referenced this pull request Dec 5, 2025
@alexxu-amd
upgrade mathjax version to 3.x to resolve a vulnerability (#1587)
2881bad 
(cherry picked from commit b0e215d)
alexxu-amd added a commit that referenced this pull request Dec 5, 2025
@alexxu-amd
upgrade mathjax version to 3.x to resolve a vulnerability (#1587)
5bc7c78 
(cherry picked from commit b0e215d)
alexxu-amd added a commit that referenced this pull request Dec 5, 2025
@alexxu-amd
upgrade mathjax version to 3.x to resolve a vulnerability (#1587)
b750696 
(cherry picked from commit b0e215d)
alexxu-amd added a commit that referenced this pull request Dec 5, 2025
@alexxu-amd
upgrade mathjax version to 3.x to resolve a vulnerability (#1587)
3861593 
(cherry picked from commit b0e215d)
alexxu-amd added a commit that referenced this pull request Dec 5, 2025
@alexxu-amd
upgrade mathjax version to 3.x to resolve a vulnerability (#1587)
551a112 
(cherry picked from commit b0e215d)
alexxu-amd added a commit that referenced this pull request Dec 5, 2025
@alexxu-amd
upgrade mathjax version to 3.x to resolve a vulnerability (#1587)
da97e2c 
(cherry picked from commit b0e215d)
alexxu-amd added a commit that referenced this pull request Dec 5, 2025
@alexxu-amd
upgrade mathjax version to 3.x to resolve a vulnerability (#1587)
25653cf 
(cherry picked from commit b0e215d)
alexxu-amd added a commit that referenced this pull request Dec 5, 2025
@alexxu-amd
upgrade mathjax version to 3.x to resolve a vulnerability (#1587)
c0ed782 
(cherry picked from commit b0e215d)
alexxu-amd added a commit that referenced this pull request Dec 5, 2025
@alexxu-amd
upgrade mathjax version to 3.x to resolve a vulnerability (#1587)
385aaaa 
(cherry picked from commit b0e215d)
alexxu-amd added a commit that referenced this pull request Dec 5, 2025
@alexxu-amd
upgrade mathjax version to 3.x to resolve a vulnerability (#1587)
356183d 
(cherry picked from commit b0e215d)
alexxu-amd added a commit that referenced this pull request Dec 5, 2025
@alexxu-amd
upgrade mathjax version to 3.x to resolve a vulnerability (#1587)
ba51d8e 
(cherry picked from commit b0e215d)
alexxu-amd added a commit that referenced this pull request Dec 5, 2025
@alexxu-amd
upgrade mathjax version to 3.x to resolve a vulnerability (#1587)
7d9ae5b 
(cherry picked from commit b0e215d)
alexxu-amd added a commit that referenced this pull request Dec 5, 2025
@alexxu-amd
upgrade mathjax version to 3.x to resolve a vulnerability (#1587)
698add5 
(cherry picked from commit b0e215d)
JeniferC99 pushed a commit that referenced this pull request Jan 22, 2026
@kiritigowda @dependabot
@jonatluu @christian-heusel @sruthi0107 @SundarRajan28 @shobana-mcw @LakshmiKumar23 @alexxu-amd
Cherry-pick - ROCm 7.2.X: Bugfixes and updates (#1591)
f7007a5 
* Docs - Bump rocm-docs-core[api_reference] from 1.27.0 to 1.29.0 in /docs/sphinx (#1577)

Bumps [rocm-docs-core[api_reference]](https://github.com/ROCm/rocm-docs-core) from 1.27.0 to 1.29.0.
- [Release notes](https://github.com/ROCm/rocm-docs-core/releases)
- [Changelog](https://github.com/ROCm/rocm-docs-core/blob/develop/CHANGELOG.md)
- [Commits](ROCm/rocm-docs-core@v1.27.0...v1.29.0)

---
updated-dependencies:
- dependency-name: rocm-docs-core[api_reference]
  dependency-version: 1.29.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Dependecies - Use OpenCV & FFMPEG only in Ubuntu (#1575)

* Dependecies - Use OpenCV & FFMPEG in Ubuntu

* Min Deps Mode - Support Min deps build

* CMakeLists - Fix

* Ubuntu - 22 Only support for extented support

* Package - Enable Lintian Support MIVisionX (#1573)

* lintian errors fix

* move overrides install

* use provided changelog and copyright. Fixed formatting

* keep changelog name. Don't install lintian overrides

* keep copyright.txt naming

* remove overrides

* remove overrides and addressing comments

---------

Co-authored-by: Kiriti Gowda <kiritigowda@gmail.com>

* VX_Media - Add missing include directive (#1578)

Signed-off-by: Christian Heusel <christian@heusel.eu>

* Docs - Bump rocm-docs-core[api_reference] from 1.29.0 to 1.30.0 in /docs/sphinx (#1579)

Bumps [rocm-docs-core[api_reference]](https://github.com/ROCm/rocm-docs-core) from 1.29.0 to 1.30.0.
- [Release notes](https://github.com/ROCm/rocm-docs-core/releases)
- [Changelog](https://github.com/ROCm/rocm-docs-core/blob/develop/CHANGELOG.md)
- [Commits](ROCm/rocm-docs-core@v1.29.0...v1.30.0)

---
updated-dependencies:
- dependency-name: rocm-docs-core[api_reference]
  dependency-version: 1.30.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Docs - Bump rocm-docs-core[api_reference] from 1.30.0 to 1.30.1 in /docs/sphinx (#1583)

Bumps [rocm-docs-core[api_reference]](https://github.com/ROCm/rocm-docs-core) from 1.30.0 to 1.30.1.
- [Release notes](https://github.com/ROCm/rocm-docs-core/releases)
- [Changelog](https://github.com/ROCm/rocm-docs-core/blob/develop/CHANGELOG.md)
- [Commits](ROCm/rocm-docs-core@v1.30.0...v1.30.1)

---
updated-dependencies:
- dependency-name: rocm-docs-core[api_reference]
  dependency-version: 1.30.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Docs - Bump fonttools from 4.55.0 to 4.61.0 in /docs/sphinx (#1584)

Bumps [fonttools](https://github.com/fonttools/fonttools) from 4.55.0 to 4.61.0.
- [Release notes](https://github.com/fonttools/fonttools/releases)
- [Changelog](https://github.com/fonttools/fonttools/blob/main/NEWS.rst)
- [Commits](fonttools/fonttools@4.55.0...4.61.0)

---
updated-dependencies:
- dependency-name: fonttools
  dependency-version: 4.61.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* OpenVX - Fix Memory leak (#1580)

* Fix - Memory leak

* Removed comment

---------

Co-authored-by: Kiriti Gowda <kiritigowda@gmail.com>

* VX_RPP - Update memory allocation for HIP augmentation parameters (#1570)

* Modified memory allocation to use hipHostMalloc for few functionalities

* Modified memory allocation to use hipHostMalloc for other functionalities

* Modified memory allocation to use hipHostMalloc for additional 3 kernels

* Modified memory allocation to use hipHostMalloc for 2 kernels additional parameters

* Updated version

* Modified blend to use AGO_TARGET_AFFINITY_GPU flag and removed usage of ENABLE_HIP

* Modified usage of AGO_TARGET_AFFINITY_GPU flag

* Updated ResizeCropMirror changes

* Removed nullPtr condition

* Updated Flip and colorTemperature

* updated version in RPP cmakelist

* Update two more kernels and CMake

* Apply suggestions from code review

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Change macro

* Update rpp package version to 2.2.1

---------

Co-authored-by: shobana-mcw <shobana@multicorewareinc.com>
Co-authored-by: Kiriti Gowda <kiritigowda@gmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* VX_NN - mem leak fix (#1585)

* Fix - Memory leak

* Removed comment

* Fix - mem leak

* Fix - mem leak

---------

Co-authored-by: Kiriti Gowda <kiritigowda@gmail.com>

* CMakeLists - update GPU targets (#1581)

* upgrade mathjax version to 3.x to resolve a vulnerability (#1587)

* Upgrade MathJax to 3.x to resolve vulnerability (#1588)

* upgrade mathjax version to 3.x to resolve a vulnerability

* upgrade MathJax to 3.x

* VX_OpenCV & VX_Media - mem leak fix (#1586)

* Fix - Memory leak

* Removed comment

* Fix - mem leak

* Fix - mem leak

* VX_OpenCV - mem leak fix

* VX_OpenCV - mem leak fix

* VX_MEDIA - mem leak fix

* VX_MEDIA - mem leak fix

* Update amd_openvx_extensions/amd_media/decoder.cpp

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update OpenCV_goodFeaturesToTrackdetector.cpp

---------

Co-authored-by: Kiriti Gowda <kiritigowda@gmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Docs - Bump urllib3 from 2.5.0 to 2.6.0 in /docs/sphinx (#1589)

Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.5.0 to 2.6.0.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](urllib3/urllib3@2.5.0...2.6.0)

---
updated-dependencies:
- dependency-name: urllib3
  dependency-version: 2.6.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Docs - Update CHANGELOG.md (#1590)

Updates for ROCm 7.2

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Christian Heusel <christian@heusel.eu>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: jonatluu <jonatluu@amd.com>
Co-authored-by: Christian Heusel <christian@heusel.eu>
Co-authored-by: Sruthi Srinivasan <srutsrin@amd.com>
Co-authored-by: Sundar Rajan Vaithiyanathan <99159823+SundarRajan28@users.noreply.github.com>
Co-authored-by: shobana-mcw <shobana@multicorewareinc.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Lakshmi Kumar <lakshmi.kumar@amd.com>
Co-authored-by: alexxu-amd <159800977+alexxu-amd@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@amd-jnovotny amd-jnovotny amd-jnovotny approved these changes

@kiritigowda kiritigowda Awaiting requested review from kiritigowda kiritigowda is a code owner

@rrawther rrawther Awaiting requested review from rrawther rrawther is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@alexxu-amd @amd-jnovotny