python-pillow-2.0.0-20.gitd1c6db8.el7
エラータID: AXSA:2020-4477:01
The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities.
Security Fix(es):
* python-pillow: improperly restricted operations on memory buffer in libImaging/PcxDecode.c (CVE-2020-5312)
* python-pillow: reading specially crafted image files leads to allocation of large amounts of memory and denial of service (CVE-2019-16865)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2019-16865
An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image.
CVE-2020-5312
libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.
Update packages.
An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image.
N/A
SRPMS
- python-pillow-2.0.0-20.gitd1c6db8.el7.src.rpm
MD5: c6b8ef650adb88cbe03a5d8b58255763
SHA-256: 0ec34230ad6abed1e207b8dcd3a6ba89c7a8895414dafa52e9ea9682c0dd74fa
Size: 1.23 MB
Asianux Server 7 for x86_64
- python-pillow-2.0.0-20.gitd1c6db8.el7.x86_64.rpm
MD5: 47f2d6fb9f17b398625173f63f754694
SHA-256: 822d263dbee258173503b0b3306b160f56cfbb25cb4162bb43d6db8b4af29852
Size: 437.70 kB
日本語