[ubuntu/focal-proposed] python-reportlab 3.5.31-1.1ubuntu1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Tue Jan 28 14:20:15 UTC 2020 

python-reportlab (3.5.31-1.1ubuntu1) focal; urgency=medium

  * SECURITY UPDATE: remote code execution via crafted XML document
    - debian/patches/CVE-2019-17626.patch: safely parse color in
      src/reportlab/lib/colors.py. Thanks to Marek Kasik for the patch!
    - CVE-2019-17626

Date: Tue, 28 Jan 2020 08:26:52 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/python-reportlab/3.5.31-1.1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 28 Jan 2020 08:26:52 -0500
Source: python-reportlab
Architecture: source
Version: 3.5.31-1.1ubuntu1
Distribution: focal
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 python-reportlab (3.5.31-1.1ubuntu1) focal; urgency=medium
 .
   * SECURITY UPDATE: remote code execution via crafted XML document
     - debian/patches/CVE-2019-17626.patch: safely parse color in
       src/reportlab/lib/colors.py. Thanks to Marek Kasik for the patch!
     - CVE-2019-17626
Checksums-Sha1:
 05230382413f88e5d2a461c7ba9521e847fbe63b 2515 python-reportlab_3.5.31-1.1ubuntu1.dsc
 634ee24ee715ca5c2e006e561cad12be16b8e3c6 12924 python-reportlab_3.5.31-1.1ubuntu1.debian.tar.xz
 93ab70e6156e6031cbf70b74c0a7fc477b4d42fc 7394 python-reportlab_3.5.31-1.1ubuntu1_source.buildinfo
Checksums-Sha256:
 ed32b69f6944cc28c7af7704b3a6e5ef9e25f21c54c208f4ef674ee1d2a121cf 2515 python-reportlab_3.5.31-1.1ubuntu1.dsc
 0fe62de44fe653b269af676063242aa4a52ad196a1c16e321d736fa38eb94d70 12924 python-reportlab_3.5.31-1.1ubuntu1.debian.tar.xz
 96731d67e7e8bfaa47d13eeda40ebdc630433f526fa03a6d836b246618a9eaff 7394 python-reportlab_3.5.31-1.1ubuntu1_source.buildinfo
Files:
 4f4f29a9cbe26ebded1b5cde515d2147 2515 python optional python-reportlab_3.5.31-1.1ubuntu1.dsc
 12a80dbaa7cf98553a3f2ef00366766d 12924 python optional python-reportlab_3.5.31-1.1ubuntu1.debian.tar.xz
 80e86bec25d7ef2695dd833522b8ba9a 7394 python optional python-reportlab_3.5.31-1.1ubuntu1_source.buildinfo
Original-Maintainer: Matthias Klose <doko at debian.org>

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl4wQnoACgkQZWnYVadE
vpNI8g/9HAMvIHNRQC0XfuExlSITcYZsIiIMsxvR35nf0Uiqla6+OiH6W6YaVEy4
y8WQLVJUSJ/iDkhlrtiLvb2g6H9QBGur26GnmMeyAE64m6I6OVM+EWgYWUGnVCC5
TvSbkS51Tk7zw6QNsmGxyV0EI0bIJhwLVU75qrhxvs8o39FdcoMJ3c18M4rN1OAS
GLxH1UIGwVHcN5DpZonOwZZmU1l2YvL4yvIj7hCSLU8rZs6o6a1bP8Sg3iykEIUO
aH52IE1fIosVc5px3ii5CwaHQqtef9y1kcGu3raQYA4F7fbI6Gxogb4FoV25qZM2
JDvLFZqhjzdmzw3/+AmrPzeBcUdTRvU6b0hasbv0DrNQ2yo32xul7JbhNg9qha5z
psjwX1mfCNPTBEahXGkTBcNaeVHSptyOv1QIyI4Nz/kA4Gt0DdQxEbmbLTjHJca8
XGc/7oV2JDF+uSD/HAawMQaxnjYwrvlusgZAr9GnabW+Yi2B2DuO3Xno4V1c9IoN
IVIaBKfuR2bFQFnMdGwt6C6XuGiuy1wiMnqZ85a/HLIVQRwbsHQg4srpPjxYOZFx
gcOeOwbfVO8Oqf1OViG9iigLuae5KCGOofZGgBMEZaezjDyzhOiJYG2kgklN8ETy
ywIzGaZykGCHxXQAvjLCFDXfK7tAmXQl9Abku3YB25DEBmtONrs=
=V4hh
-----END PGP SIGNATURE-----

More information about the Focal-changes mailing list