- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3917-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                   Bastien Roucariès
October 13, 2024                              https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : python-reportlab
Version        : 3.5.59-2+deb11u1
CVE ID         : CVE-2023-33733

Reportlab allowed attackers to execute arbitrary code (RCE) via supplying
a crafted PDF file.

For Debian 11 bullseye, this problem has been fixed in version
3.5.59-2+deb11u1.

We recommend that you upgrade your python-reportlab packages.

For the detailed security status of python-reportlab please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/python-reportlab

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Debian LTS: DLA-3917-1: python-reportlab Security Advisory Updates

October 13, 2024
Reportlab allowed attackers to execute arbitrary code (RCE) via supplying a crafted PDF file

Summary

For Debian 11 bullseye, this problem has been fixed in version
3.5.59-2+deb11u1.

We recommend that you upgrade your python-reportlab packages.

For the detailed security status of python-reportlab please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/python-reportlab

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


Severity
Package : python-reportlab
Version : 3.5.59-2+deb11u1
CVE ID : CVE-2023-33733

Related News

Google Releases Chrome 130 with Critical Security Fixes for 17 Flaws
3 - 5 min read
Google recently unveiled Chrome 130 , an update that addresses several security vulnerabilities to ensure the web browser's safety and reliability.
U.S. Investigation into China-Backed Telecom Companies Hack: The Role & Risks of Encryption Backdoors
3 - 5 min read
U.S. authorities are on high alert as they investigate an alleged Chinese state-sponsored hack targeting major U.S. telecommunications companies.
FASTCash Linux Malware: A New Cybercrime Menace Targeting Payment Switch Systems
3 - 5 min read
As malware threats evolve to increasingly target Linux systems, admins and organizations must stay up-to-date on the latest Linux malware variants
Optimizing CWPP on Linux Servers: Best Practices and Configurations
3 - 6 min read
Cloud Workload Protection Platforms are now essential for securing virtual environments. These provide a robust security layer vital for addressing
The Infiltration of Supply Chain Attacks in Open-Source Software Management
3 - 6 min read
Open-source projects are renowned for their collaborative nature and widespread adoption, yet more sophisticated supply chain attacks target them
Strengthen Your Linux Software Development Pipeline with Code Security Scanners
3 - 6 min read
Developers recognize the critical nature of protecting software systems as cyberattacks grow more sophisticated, thus necessitating robust security
Everything You Need to Know About Cloud Security Posture Management
3 - 5 min read
Many companies are transitioning from physical servers to cloud operations, but this transformation brings new challenges. Cloud Security Posture
Understanding the Critical Oath-Toolkit Vulnerability and Its Implications for Admins
3 - 5 min read
As Linux security threats advance and evolve, vulnerabilities often surface unexpectedly, exposing systems to potential exploitation. SUSE

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved