AVG-629 log

Package	python-openpyxl, python2-openpyxl
Status	Fixed
Severity	High
Type	xml external entity injection
Affected	2.4.0-1
Fixed	2.4.1-1
Current	3.1.5-2 [extra]
Ticket	None
Created	Thu Feb 22 22:37:21 2018

Issue	Severity	Remote	Type	Description
CVE-2017-5992	High	Yes	Xml external entity injection	Openpyxl 2.4.1 resolves external entities by default, which allows remote attackers to conduct XXE attacks via a crafted .xlsx document.