ELA-983-1 python-reportlab security update

Debian 10220 Published 2023-10-16 07:18 by Philipp Esselbach

News

A python-reportlab security update has been released for Debian GNU/Linux 9 Extended LTS to address two vulnerabilities.

ELA-983-1 python-reportlab security update
Package : python-reportlab
Version : 3.3.0-2+deb9u2 (stretch)

Related CVEs :
CVE-2019-19450
CVE-2020-28463

Vulnerabilities were found in python-reportlab, a Python library for creating
PDF documents.

CVE-2019-19450
The start_unichar function in paraparser.py was found to evaluate untrusted
user input, which could permit remote code execution.

CVE-2020-28463
It was discovered that img tags could be used for Server-side Request Forgery
(SSRF). The issue can be mitigated by using the new trustedSchemes and
trustedHosts rl_config variables. See “Inline Images” in ch. 6 of the
reportlab user manual.
ELA-983-1 python-reportlab security update

ELA-984-1 nghttp2 security update

GE-Proton8-19 released

Windows

Windows 11 499
Windows 11 Insider Preview Build 22635.4510 (Beta Channel) released
2024-11-16 06:23 by Philipp Esselbach
Microsoft 11799
Windows Package Manager v1.10.40 Preview released
2024-11-16 07:08 by Philipp Esselbach
Software 42752
Fort Firewall 3.14.12 released
2024-11-15 16:03 by Philipp Esselbach

Linux

KDE 1537
KDE neon 20241117 released
2024-11-17 11:40 by Philipp Esselbach
Security 10809
Linux Security Roundup for Week 47, 2024
2024-11-17 08:16 by Philipp Esselbach
Debian 10220
Waitress and PostgreSQL updates for Debian
2024-11-17 07:11 by Philipp Esselbach

macOS

Apple 10244
visionOS 2.2 Beta 2 released
2024-11-13 06:32 by Philipp Esselbach
Apple 10244
iOS 18.2 Beta 3 released
2024-11-12 07:20 by Philipp Esselbach
Apple 10244
macOS Sequoia 15.2 beta 3 released
2024-11-12 07:17 by Philipp Esselbach

Community

dhamu
Hello Phil, I have a Linux Tutorial website that curre ...
StephanX
Hi friends, i am new in the Linux universe but i try to ...
Philipp
I would try the XanMod kernel: https://xanmod.org I ...