Ubuntu
weasyprint package

Security Update required

Bug #2063160 reported by Hadmut Danisch
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
weasyprint (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

Ubuntu 24.04 comes with weasyprint 61.1 .

Weasyprint's latest release notes for 61.2 say at

https://doc.courtbouillon.org/weasyprint/stable/changelog.html

"This is a security update.

We strongly recommend to upgrade WeasyPrint to the latest version if you use WeasyPrint 61.0 or 61.1. Older versions are not impacted."

ProblemType: Bug
DistroRelease: Ubuntu 24.04
Package: weasyprint (not installed)
ProcVersionSignature: Ubuntu 6.5.0-27.28-generic 6.5.13
Uname: Linux 6.5.0-27-generic x86_64
ApportVersion: 2.28.1-0ubuntu2
Architecture: amd64
CasperMD5CheckResult: unknown
CloudArchitecture: x86_64
CloudBuildName: server
CloudID: lxd
CloudName: lxd
CloudPlatform: lxd
CloudSerial: 20240129
CloudSubPlatform: LXD socket API v. 1.0 (/dev/lxd/sock)
Date: Tue Apr 23 00:33:12 2024
ProcEnviron:
 LANG=de_DE.UTF-8
 PATH=(custom, no user)
 SHELL=/bin/bash
 TERM=xterm-256color
 XDG_RUNTIME_DIR=<set>
SourcePackage: weasyprint
UpgradeStatus: No upgrade log present (probably fresh install)

CVE References

Revision history for this message
Hadmut Danisch (hadmut) wrote :
Revision history for this message
Mark Esler (eslerm) wrote :

Thank you!

This was mistriaged as not affecting Ubuntu, which has been corrected: https://git.launchpad.net/ubuntu-cve-tracker/commit/?id=83e00d6f10a8f7a234751a97f87a62c88d0143cb

I have messaged Debian Security to track this as well.

information type: Private Security → Public Security
Changed in weasyprint (Ubuntu):
status: New → Confirmed
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.