Synopsis: Important: python-pillow security update
Advisory ID: SLSA-2020:0578-1
Issue Date: 2020-02-24
CVE Numbers: CVE-2019-16865
CVE-2020-5312
—
Security Fix(es):
python-pillow: improperly restricted operations on memory buffer in libImaging/PcxDecode.c (CVE-2020-5312)
python-pillow: reading specially crafted image files leads to allocation of large amounts of memory and denial of service (CVE-2019-16865)
—
SL7
x86_64
python-pillow-2.0.0-20.gitd1c6db8.el7_7.x86_64.rpm
python-pillow-debuginfo-2.0.0-20.gitd1c6db8.el7_7.x86_64.rpm
python-pillow-2.0.0-20.gitd1c6db8.el7_7.i686.rpm
python-pillow-debuginfo-2.0.0-20.gitd1c6db8.el7_7.i686.rpm
python-pillow-devel-2.0.0-20.gitd1c6db8.el7_7.i686.rpm
python-pillow-devel-2.0.0-20.gitd1c6db8.el7_7.x86_64.rpm
python-pillow-doc-2.0.0-20.gitd1c6db8.el7_7.x86_64.rpm
python-pillow-qt-2.0.0-20.gitd1c6db8.el7_7.x86_64.rpm
python-pillow-sane-2.0.0-20.gitd1c6db8.el7_7.x86_64.rpm
python-pillow-tk-2.0.0-20.gitd1c6db8.el7_7.x86_64.rpm
– Scientific Linux Development Team
