- ------------------------------------------------------------------------- Debian LTS Advisory DLA-2861-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk December 28, 2021 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : rdflib Version : 4.2.1-2+deb9u1 CVE ID : CVE-2019-7653 Debian Bug : 921751 The python-rdflib-tools package (tools for converting to and from RDF) had wrappers that could load Python modules from the current working directory, allowing code injection. For Debian 9 stretch, this problem has been fixed in version 4.2.1-2+deb9u1. We recommend that you upgrade your rdflib packages. For the detailed security status of rdflib please refer to its security tracker page at: https://security-tracker.debian.org/tracker/rdflib Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS