These fix a potential security vulnerability in the parsing of colours.
Previously, Iif someone had coded an application allowing user-input
expressions to be passed to our toColor constructor function, there was a
way to execute inappropriate code. If you are doing this, please upgrade
to the newest version.
I don't think we use it, but better to be safe IMO.
From the reportlab mailing list:
I don't think we use it, but better to be safe IMO.