UbuntuUpdates.org

Package "python-reportlab"

Name: python-reportlab

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Documentation for the ReportLab Python library (PDF format)
  • python low level render interface
  • python low level render interface (debug extension)
  • ReportLab library to create PDF documents using Python3

Latest version: 3.4.0-3ubuntu0.1
Release: bionic (18.04)
Level: security
Repository: main

Links



Other versions of "python-reportlab" in Bionic

Repository Area Version
base main 3.4.0-3build1
base universe 3.4.0-3build1
security universe 3.4.0-3ubuntu0.1
updates main 3.4.0-3ubuntu0.1
updates universe 3.4.0-3ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 3.4.0-3ubuntu0.1 2020-02-06 20:06:26 UTC

  python-reportlab (3.4.0-3ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: remote code execution via crafted XML document
    - debian/patches/CVE-2019-17626.patch: safely parse color in
      src/reportlab/lib/colors.py. Thanks to Marek Kasik for the patch!
    - CVE-2019-17626

 -- Marc Deslauriers <email address hidden> Tue, 28 Jan 2020 08:52:54 -0500

CVE-2019-17626 ReportLab through 3.5.26 allows remote code execution because of toColor(eval(arg)) in colors.py, as demonstrated by a crafted XML document with '<sp



About   -   Send Feedback to @ubuntu_updates