python-imaging-1.1.6-20.AXS4

エラータID: AXSA:2020-4501:01

Release date: 
Wednesday, March 18, 2020 - 16:46
Subject: 
python-imaging-1.1.6-20.AXS4
Affected Channels: 
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity: 
High
Description: 

The Python Imaging Library (PIL) adds image processing capabilities to your Python interpreter. This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities.

Security Fix(es):

* python-pillow: improperly restricted operations on memory buffer in libImaging/PcxDecode.c (CVE-2020-5312)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2020-5312
libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.

Solution: 

Update packages.

CVEs: 
CVE-2020-5312
libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.
Additional Info: 

N/A

Download: 

SRPMS
  1. python-imaging-1.1.6-20.AXS4.src.rpm
    MD5: 9927adc2d03012cd2e94f251f26e413d
    SHA-256: dffccd9934eb10bb1426ad5dde89e8981e9d541aac0c0667080010bdd488abf6
    Size: 442.20 kB

Asianux Server 4 for x86
  1. python-imaging-1.1.6-20.AXS4.i686.rpm
    MD5: 15a6a608d1bdbf2c6de53c2e3c754889
    SHA-256: 461173ffdfedfc2e22d795920cda07cefa0ac7f14f42e5ab13fd09d697aef4a6
    Size: 384.28 kB

Asianux Server 4 for x86_64
  1. python-imaging-1.1.6-20.AXS4.x86_64.rpm
    MD5: 92e475827ab844c0a7dfd786d9bb5449
    SHA-256: 6ef7d0772ffc1ff33c94d59e0afa7b9410fd01b373d61863d7a63cf15fa9eb45
    Size: 385.26 kB