CentOS Local Security Checks : CentOS: Security Advisory for python-reportlab (CESA-2020:0195)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.883168

Categoría: CentOS Local Security Checks

Título: CentOS: Security Advisory for python-reportlab (CESA-2020:0195)

Resumen: The remote host is missing an update for the 'python-reportlab'; package(s) announced via the CESA-2020:0195 advisory.

Descripción: Summary:
The remote host is missing an update for the 'python-reportlab'
package(s) announced via the CESA-2020:0195 advisory.

Vulnerability Insight:
Python-reportlab is a library used for generation of PDF documents.

Security Fix(es):

* python-reportlab: code injection in colors.py allows attacker to execute
code (CVE-2019-17626)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Affected Software/OS:
'python-reportlab' package(s) on CentOS 7.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2019-17626
Debian Security Information: DSA-4663 (Google Search)
https://www.debian.org/security/2020/dsa-4663
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZZPHP2BJSTP4IYCSJRQINP763IHO6ASL/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NSCTOE3DITFICY2XKBYZ5WAF5TSQ52DM/
https://security.gentoo.org/glsa/202007-35
https://bitbucket.org/rptlab/reportlab/issues/199/eval-in-colorspy-leads-to-remote-code
https://bitbucket.org/rptlab/reportlab/src/default/CHANGES.md
https://lists.debian.org/debian-lts-announce/2020/02/msg00019.html
RedHat Security Advisories: RHSA-2020:0195
https://access.redhat.com/errata/RHSA-2020:0195
RedHat Security Advisories: RHSA-2020:0197
https://access.redhat.com/errata/RHSA-2020:0197
RedHat Security Advisories: RHSA-2020:0201
https://access.redhat.com/errata/RHSA-2020:0201
RedHat Security Advisories: RHSA-2020:0230
https://access.redhat.com/errata/RHSA-2020:0230
SuSE Security Announcement: openSUSE-SU-2020:0160 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00002.html
https://usn.ubuntu.com/4273-1/

Copyright Copyright (C) 2020 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.883168
Categoría:	CentOS Local Security Checks
Título:	CentOS: Security Advisory for python-reportlab (CESA-2020:0195)
Resumen:	The remote host is missing an update for the 'python-reportlab'; package(s) announced via the CESA-2020:0195 advisory.
Descripción:	Summary: The remote host is missing an update for the 'python-reportlab' package(s) announced via the CESA-2020:0195 advisory. Vulnerability Insight: Python-reportlab is a library used for generation of PDF documents. Security Fix(es): * python-reportlab: code injection in colors.py allows attacker to execute code (CVE-2019-17626) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Affected Software/OS: 'python-reportlab' package(s) on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-17626 Debian Security Information: DSA-4663 (Google Search) https://www.debian.org/security/2020/dsa-4663 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZZPHP2BJSTP4IYCSJRQINP763IHO6ASL/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NSCTOE3DITFICY2XKBYZ5WAF5TSQ52DM/ https://security.gentoo.org/glsa/202007-35 https://bitbucket.org/rptlab/reportlab/issues/199/eval-in-colorspy-leads-to-remote-code https://bitbucket.org/rptlab/reportlab/src/default/CHANGES.md https://lists.debian.org/debian-lts-announce/2020/02/msg00019.html RedHat Security Advisories: RHSA-2020:0195 https://access.redhat.com/errata/RHSA-2020:0195 RedHat Security Advisories: RHSA-2020:0197 https://access.redhat.com/errata/RHSA-2020:0197 RedHat Security Advisories: RHSA-2020:0201 https://access.redhat.com/errata/RHSA-2020:0201 RedHat Security Advisories: RHSA-2020:0230 https://access.redhat.com/errata/RHSA-2020:0230 SuSE Security Announcement: openSUSE-SU-2020:0160 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00002.html https://usn.ubuntu.com/4273-1/
Copyright	Copyright (C) 2020 Greenbone Networks GmbH