Issued:: 2020-01-27
Updated:: 2020-01-27

RHSA-2020:0230 - Security Advisory

Overview
Updated Packages

Synopsis

Important: python-reportlab security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for python-reportlab is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Python-reportlab is a library used for generation of PDF documents.

Security Fix(es):

python-reportlab: code injection in colors.py allows attacker to execute code (CVE-2019-17626)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.0 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.0 x86_64

Fixes

BZ - 1769661 - CVE-2019-17626 python-reportlab: code injection in colors.py allows attacker to execute code

CVEs

CVE-2019-17626

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.0

SRPM
python-reportlab-3.4.0-6.el8_0.2.src.rpm	SHA-256: cfbf0326cc153ca681ae7ab7696eca7dee05a2fe232635929482dc778b9387c5
ppc64le
python-reportlab-debugsource-3.4.0-6.el8_0.2.ppc64le.rpm	SHA-256: 5841923f11580bb7843ad988af0450a33cd056ae00099fee4c7ca5d27f559ddb
python3-reportlab-3.4.0-6.el8_0.2.ppc64le.rpm	SHA-256: 4531313407fce61c59e5b0bdb6e0a1f81a7baf8ba58a7fa1468673eaced40558
python3-reportlab-debuginfo-3.4.0-6.el8_0.2.ppc64le.rpm	SHA-256: 6c8cfb6829268e72eee7b8330fd5d79a314fd5a7dfb18efb5a35955c363ac547

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.0

SRPM
python-reportlab-3.4.0-6.el8_0.2.src.rpm	SHA-256: cfbf0326cc153ca681ae7ab7696eca7dee05a2fe232635929482dc778b9387c5
x86_64
python-reportlab-debugsource-3.4.0-6.el8_0.2.x86_64.rpm	SHA-256: de904a03b6b085a9b6cdadda363134a23fc76091c85e5aadaca04eb0d7d544a6
python3-reportlab-3.4.0-6.el8_0.2.x86_64.rpm	SHA-256: 7c9e471d353572741136f3beb9e3b69163fefa8cc2ac736cc6e5e4eb668b53e0
python3-reportlab-debuginfo-3.4.0-6.el8_0.2.x86_64.rpm	SHA-256: f9f90de5dbb17bafad1d5121db7b28670a4a409bdf8d9a3067b3b0e1fa559ea6

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation