Thank you! This was mistriaged as not affecting Ubuntu, which has been corrected: https://git.launchpad.net/ubuntu-cve- tracker/commit/?id=83e00d6f10a8f7a234751a97f87a62c88d0143cb
I have messaged Debian Security to track this as well. ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-28184 ** Information type changed from Private Security to Public Security ** Changed in: weasyprint (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2063160 Title: Security Update required To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/weasyprint/+bug/2063160/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs