William Khem-Marquez discovered that Pymatgen, a Python library for materials analysis, could be tricked into running arbitrary code if a malformed CIF file is processed.
https://security-tracker.debian.org/tracker/DSA-5763-1
Continue reading...
https://security-tracker.debian.org/tracker/DSA-5763-1
Continue reading...
