-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 28 Jan 2020 16:56:28 +0100 Source: python-reportlab Architecture: source Version: 3.5.34-1 Distribution: unstable Urgency: medium Maintainer: Matthias Klose <doko@debian.org> Changed-By: Matthias Klose <doko@debian.org> Closes: 948945 9381130 Changes: python-reportlab (3.5.34-1) unstable; urgency=medium . * New upstream version. * SECURITY UPDATE: remote code execution via crafted XML document - debian/patches/CVE-2019-17626.patch: safely parse color in src/reportlab/lib/colors.py. Thanks to Marek Kasik for the patch! - CVE-2019-17626 * Stop building the Python2 packages. Closes: #9381130. * Remove uploaders. Closes: #948945. * Bump standards version. Checksums-Sha1: 956b4f49b582a9e922adc3176c98dae5bf6e5713 2341 python-reportlab_3.5.34-1.dsc 0b90d65fe4e6da78b3d143bb3f0f5dd5382f23df 2879736 python-reportlab_3.5.34.orig.tar.gz e3b1e79a5f3d81664dce046f65e6a834a16e3103 12896 python-reportlab_3.5.34-1.debian.tar.xz 01a34b35cebab8a9c5a8328f1faa0f790f456f8f 7857 python-reportlab_3.5.34-1_source.buildinfo Checksums-Sha256: 3d609687f9dd95f308fae72555292b641d05b4614183ece4000b61328e9ec52d 2341 python-reportlab_3.5.34-1.dsc 9675a26d01ec141cb717091bb139b6227bfb3794f521943101da50327bff4825 2879736 python-reportlab_3.5.34.orig.tar.gz 8b357b3c509b471cb9bf181ed88903f5ccdb6304eb88b60b7ff383a40c05af6e 12896 python-reportlab_3.5.34-1.debian.tar.xz d85b18b319aac30b123369b0e97fea1d519ed802f118f3787d9c255602d9f0bc 7857 python-reportlab_3.5.34-1_source.buildinfo Files: fdccb207ad3ad47bfcf4496304c6a116 2341 python optional python-reportlab_3.5.34-1.dsc 77d37a7f9f785b3666206de0fbc44aab 2879736 python optional python-reportlab_3.5.34.orig.tar.gz 61d513edfed93bacc89c9259b45a0662 12896 python optional python-reportlab_3.5.34-1.debian.tar.xz 7f85af15980a5c03b26ebe8ab18e1859 7857 python optional python-reportlab_3.5.34-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJEBAEBCAAuFiEE1WVxuIqLuvFAv2PWvX6qYHePpvUFAl4wXnAQHGRva29AZGVi aWFuLm9yZwAKCRC9fqpgd4+m9cfVD/9py9A81hD18Qub0k9OIkwpxSPlUnXZD79F YQArMtcjS98qYXpqOw1LB73OZEj54D+P9ejUrEmFB1hGSDN5Lv6Q21zGBl+anq2S DW7flWri5XtokvetXigXRoqmMDAAi3SW6rq42a13pF2NnJsorUqwTn0H+XHe6GQE meZ3g5w+cb+qjADSuc9Eay4+0xmEG61V5ydxXQL/RleKk92m/eUWRhcyGm2VEJGc I6uDmjx/GzHH44+tGBtV8adyDdPAJc+okAxI4rEwaw88hfZ/bo0dRNgQsBfpFh6M OORmm9AtwsXeqETbT9GAy6XZVUb6aspvhAxP2G/QZftAtIDh1puwxZnR8M250ovG EunJfClUd/+FR8jH8BhR9xacHA5SpJmCuOxhYEdy8aRCDlYgtdcoaIMs069b2r3H qx3VayKMK3jNHAd+rFuBmhrVdkffrWxtQ0qLX33cccLY1sCJucmd+KXm2Yw7rIq8 BKj/fNhMxA4IcUpdFe9vWbKEf5oueP76K0ydg0ETJBlFXQ7vYFJpUsPxcr930etd KWADlPP/VUEN3iIbtRf50VdMMfjRDvqH2BSL4Q8dh89PzWGOK0aAej1488W8CG8Y S8SxCeLtPALQSlWtP9RRJtE+0zcSdcvisYQUJlDRuuIT9vxORSBFMEMVa/+q++vH eZnn3b4FpQ== =HxB0 -----END PGP SIGNATURE-----