python-reportlab-3.4.0-8.el8.1.ML.1

Errata ID: AXSA:2023-6530:02

Release date: Monday, October 23, 2023 - 02:22
Subject: python-reportlab-3.4.0-8.el8.1.ML.1
Affected Channels: Asianux Server 8 for x86_64
Severity: High
Description: 

Python-reportlab is a library used for generation of PDF documents.

Security Fix(es):

* python-reportlab: code injection in paraparser.py allows code execution (CVE-2019-19450)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2019-19450
paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '
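
The flaw class described above (evaluating an attribute value that should only ever be a code point) is shown here beside a hardened form. This is an added illustration, not ReportLab's code or its actual patch; the function names `unichar_unsafe` and `unichar_safe` and the sample inputs are constructed for this example.

```python
import re

# Accept only a literal code point: decimal ("8364") or 0x-prefixed hex ("0x20AC").
_CODE_POINT = re.compile(r"0[xX][0-9A-Fa-f]{1,6}|[0-9]{1,7}")


def unichar_unsafe(code):
    """Vulnerable pattern: the attribute text is run as a Python expression."""
    return chr(eval(code))  # anything the document author writes gets executed


def unichar_safe(code):
    """Hardened pattern: parse a number, never evaluate."""
    text = code.strip()
    if not _CODE_POINT.fullmatch(text):
        raise ValueError("unichar code must be a decimal or 0x-hex integer")
    base = 16 if text[:2].lower() == "0x" else 10
    value = int(text, base)
    if value > 0x10FFFF or 0xD800 <= value <= 0xDFFF:
        raise ValueError("unichar code is not a valid Unicode scalar value")
    return chr(value)


def is_rejected(code):
    """True when the hardened parser refuses the input."""
    try:
        unichar_safe(code)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample attribute values; "64+1" is a harmless expression
    # used only to show that the unsafe form evaluates rather than parses.
    for sample in ["0x20AC", "8364", "64+1", "0x110000"]:
        status = "rejected" if is_rejected(sample) else repr(unichar_safe(sample))
        print(f"{sample!r}: {status}")
```

The unsafe form accepts `64+1` and returns `A`, which is the sign that input is being executed; the hardened form rejects it because it is not a bare integer literal.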

Solution: 

Update packages.