diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-01-28 21:06:22 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-01-28 21:06:22 +0100 |
commit | 35f1d9a6a16811a33c64ff15c73d21a796bc52f3 (patch) | |
tree | 54d888baaf8c9f6385d8df02eb2c83d1616bcf55 | |
parent | 74a707c8c8a9498f9b80f7683b4bb1733271167f (diff) |
Add fixed version for CVE-2019-17626/python-reportlab
-rw-r--r-- | data/CVE/2019.list | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/data/CVE/2019.list b/data/CVE/2019.list index 58c6b5a15b..5d74846fa1 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -6833,7 +6833,7 @@ CVE-2019-17628 CVE-2019-17627 (The Yale Bluetooth Key application for mobile devices allows unauthori ...) NOT-FOR-US: Yale Bluetooth Key application for mobile devices CVE-2019-17626 (ReportLab through 3.5.26 allows remote code execution because of toCol ...) - - python-reportlab <unfixed> (bug #942763) + - python-reportlab 3.5.34-1 (bug #942763) NOTE: https://bitbucket.org/rptlab/reportlab/issues/199/eval-in-colorspy-leads-to-remote-code NOTE: https://hg.reportlab.com/hg-public/reportlab/rev/51a521ad7dd3 CVE-2019-17625 (There is a stored XSS in Rambox 0.6.9 that can lead to code execution. ...) |