Alerts This Week
Warning Icon 1 770
Alerts This Week
Warning Icon 1 770

openSUSE: 2023:3972-1 Critical: python-reportlab Remote Execution Risk

opensuse
Calendar Grey October 4, 2023
Dist Opensuse Esm H88
The latest update for python-reportlab addresses risks of remote code execution linked to untrusted input on openSUSE, enhancing security for developers
This update for python-reportlab fixes the following issues: CVE-2019-19450: Fixed an issue which allowed remote code execution via start_unichar in paraparser.py evaluating untrus...

Description

This update for python-reportlab fixes the following issues:

* CVE-2019-19450: Fixed an issue which allowed remote code execution via

start_unichar in paraparser.py evaluating untrusted user input.

(bsc#1215560)

Topics%20covered

Topics Covered

security advisory remote execution critical threat openSUSE python-reportlab

Patch

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like

YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4

zypper in -t patch openSUSE-SLE-15.4-2023-3972=1

* openSUSE Leap 15.5

zypper in -t patch openSUSE-SLE-15.5-2023-3972=1

* SUSE Package Hub 15 15-SP4

zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-3972=1

* SUSE Package Hub 15 15-SP5

zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-3972=1

Package List

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)

* python3-reportlab-debuginfo-3.4.0-150000.3.12.1

* python-reportlab-debugsource-3.4.0-150000.3.12.1

* python3-reportlab-3.4.0-150000.3.12.1

* python-reportlab-debuginfo-3.4.0-150000.3.12.1

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)

* python3-reportlab-debuginfo-3.4.0-150000.3.12.1

* python3-reportlab-3.4.0-150000.3.12.1

* python-reportlab-debugsource-3.4.0-150000.3.12.1

* python-reportlab-debuginfo-3.4.0-150000.3.12.1

* SUSE Package Hub 15 15-SP4 (aarch64 ppc64le s390x x86_64)

* python3-reportlab-debuginfo-3.4.0-150000.3.12.1

* python-reportlab-debugsource-3.4.0-150000.3.12.1

* python3-reportlab-3.4.0-150000.3.12.1

* python-reportlab-debuginfo-3.4.0-150000.3.12.1

* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64)

* python3-reportlab-debuginfo-3.4.0-150000.3.12.1

* python-reportlab-debugsource-3.4.0-150000.3.12.1

* python3-reportlab-3.4.0-150000.3.12.1

* python-reportlab-debuginfo-3.4.0-150000.3.12.1

References

* #1215560

## References:

* https://www.suse.com/security/cve/CVE-2019-19450.html

* https://bugzilla.suse.com/show_bug.cgi?id=1215560

Severity
critical
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2023:3972-1
Rating: important

Topics%20covered

Topics Covered

security advisory remote execution critical threat openSUSE python-reportlab

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here