python-reportlab-3.4.0-6.el8.2

Errata ID: AXSA:2020-207:04

Release date: Tuesday, July 7, 2020 - 07:21
Subject: python-reportlab-3.4.0-6.el8.2
Affected Channels: Asianux Server 8 for x86_64
Severity: High
Description: 

Python-reportlab is a library used for generation of PDF documents.

Security Fix(es):

* python-reportlab: code injection in colors.py allows attacker to execute code (CVE-2019-17626)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2019-17626
ReportLab through 3.5.26 allows remote code execution because of toColor(eval(arg)) in colors.py, as demonstrated by a crafted XML document with '

Solution: 

Update packages.
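
The bug class named in the CVE text, eval() applied to a color string taken from a document, is shown below next to a parser that never evaluates its input. This is an added example, not ReportLab's code and not the upstream fix; `to_color_unsafe`, `to_color_safe`, `NAMED` and `PROBE` are hypothetical names and the palette is constructed.

```python
import re

# Constructed side-effect marker: lets the demo observe that eval() ran
# caller-supplied code without doing anything harmful.
PROBE = []

# Small constructed palette; a real library would carry a much larger table.
NAMED = {"red": (1.0, 0.0, 0.0), "green": (0.0, 0.5, 0.0), "blue": (0.0, 0.0, 1.0)}

_HEX = re.compile(r"#?([0-9a-fA-F]{6})\Z")
_RGB = re.compile(r"rgb\(\s*(\d{1,3})\s*,\s*(\d{1,3})\s*,\s*(\d{1,3})\s*\)\Z")


def to_color_unsafe(arg):
    """Simplified stand-in for the flawed pattern: unknown strings go to eval()."""
    if arg in NAMED:
        return NAMED[arg]
    value = eval(arg)  # evaluates any Python expression found in the document
    return NAMED.get(value, value)


def to_color_safe(arg):
    """Accept only a named color, RRGGBB hex, or rgb(r,g,b); never evaluate."""
    text = arg.strip()
    if text.lower() in NAMED:
        return NAMED[text.lower()]
    m = _HEX.match(text)
    if m:
        h = m.group(1)
        return tuple(int(h[i:i + 2], 16) / 255 for i in (0, 2, 4))
    m = _RGB.match(text)
    if m:
        parts = [int(g) for g in m.groups()]
        if all(p <= 255 for p in parts):
            return tuple(p / 255 for p in parts)
    # Anything else is rejected; the input is truncated in the message.
    raise ValueError("not a recognised color: %r" % arg[:40])
```

Until the updated package is installed, color attributes in documents from untrusted sources should be treated as untrusted input by any code that passes them to the library.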