Hi, I am currently investigating if the versions of openpyxl in Wheezy and Jessie are vulnerable. Apparently support for lxml was first introduced in version 1.8. Wheezy and Jessie ship older versions though.
Is there another attack vector or can we assume that all versions without lxml support are not affected? Regards, Markus
signature.asc
Description: OpenPGP digital signature
