[SECURITY] [DLA 3917-1] python-reportlab security update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 3917-1] python-reportlab security update
From: rouca@debian.org
Date: Sun, 13 Oct 2024 15:59:43 +0000
Message-id: <[🔎] 1c2a2e8f0a72e3425b30b1d37e1810a5.rouca@debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3917-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                   Bastien RoucariÃ¨s
October 13, 2024                              https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : python-reportlab
Version        : 3.5.59-2+deb11u1
CVE ID         : CVE-2023-33733

Reportlab allowed attackers to execute arbitrary code (RCE) via supplying
a crafted PDF file.

For Debian 11 bullseye, this problem has been fixed in version
3.5.59-2+deb11u1.

We recommend that you upgrade your python-reportlab packages.

For the detailed security status of python-reportlab please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/python-reportlab

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQJFBAEBCgAvFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmcL7m8RHHJvdWNhQGRl
Ymlhbi5vcmcACgkQADoaLapBCF9Yww/9F/BjeEuyAcVqOVc4tZd+bkmB+wEQMC1h
hEm74R0eVMYgIywhNHPSWprSoXt+nlkkMxjZ5cdLnkvsUoOl8BSt+3YK0pbHFsYS
izZXNCB3u15OgGgYWgRGKvvyvcpid3kjuMiEX/92Ko7+KvFNFA0iNjAB7f9XiEre
Owz/btLcgk2plnz69ZB4DFvMaNON9WKG3rThdUK1NYpjUi4U/QSjy0dQxihmoM9Y
3pENHcfp190FDxoHUlZvJbLqaodCdca4QC4ZfboQq0SiMgw2YlBKP4Fui64R9aU9
GijbYmfW2gua6yhwYrG5QPBF3AmvnkdvI0NybDxCzuAbNbJsPAXeic7jXRx6zTvm
i2/fToO6uQRtfEWnHPF08ADlczmhzh8V3yT1HOsBs2uxzEKveyCrZ1libbluol6H
cOliaTfPqwgkZ+nOcSG7Bmm9EFf3uKXVPzgOpCQpsMfHsl1+dVGYak5D8cXDRJwM
5wRoYwPyQ77MpgedThGTp16T1OSy5on7XzuDMjk6CXZvNkEvpEd0Xtz3n51wUbGf
F+JY0VwmnzDtQnnqryZnPp6cBzI1n+JI9GQCduNj4KZZvw06B/qDDTOWGUK1/ojO
p34jcZcZKJ8DLjdAHFyUKcilofhK+eWWAA8wIJ9TrHvDlvtuOZQl8OIIt9AfPYW3
OYjwRZarkCs=
=jjH9
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3915-1] libreoffice security update
Next by Date: [SECURITY] [DLA 3918-1] docker.io security update
Previous by thread: [SECURITY] [DLA 3915-1] libreoffice security update
Next by thread: [SECURITY] [DLA 3918-1] docker.io security update
Index(es):
- Date
- Thread