Elyas Damej discovered that a sandbox mechanism in ReportLab, a Python
library to create PDF documents, could be bypassed which may result in
the execution of arbitrary code when converting malformed HTML to a PDF
document.

https://security-tracker.debian.org/tracker/DSA-5791-1

Read More