python-pillow-5.1.1-18.el8_9.1.ML.1
エラータID: AXSA:2024-7539:03
Release date:
Monday, February 26, 2024 - 13:46
Subject:
python-pillow-5.1.1-18.el8_9.1.ML.1
Affected Channels:
Asianux Server 8 for x86_64
Severity:
High
Description:
The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities.
Security Fix(es):
* pillow: Arbitrary Code Execution via the environment parameter (CVE-2023-50447)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2023-50447
Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter).
Solution:
Update packages.
CVEs:
CVE-2023-50447
Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter).
Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter).
Additional Info:
N/A
Download:
SRPMS
- python-pillow-5.1.1-18.el8_9.1.ML.1.src.rpm
MD5: a51bbb76d1a7fbcc78f397f09c4c60ba
SHA-256: 8688b7925bcc89137893dd90fc379f4e2ed84b9559886b500476e1324e14f439
Size: 13.52 MB
Asianux Server 8 for x86_64
- python3-pillow-5.1.1-18.el8_9.1.ML.1.i686.rpm
MD5: 17f59f838f0cceea0436a0d961cac879
SHA-256: e92071e796c798c7eee608d22e8be2c747ff538a3f6b68a69ef8256a83d5b97a
Size: 640.06 kB - python3-pillow-5.1.1-18.el8_9.1.ML.1.x86_64.rpm
MD5: a51a52c479c6a0499923096cf3cbd005
SHA-256: 07e1e220b5dd0d9edc2ed69ac2c0573bf564db6a69e9f20f8779e6cb498c89de
Size: 631.54 kB - python3-pillow-devel-5.1.1-18.el8_9.1.ML.1.i686.rpm
MD5: 38fd244f49aa322b31a10c0a2ba8659a
SHA-256: b5ec319ad96215aa06cd15cebca32d1d59d4fc036d9fba20736bd7baf47beeeb
Size: 33.48 kB - python3-pillow-devel-5.1.1-18.el8_9.1.ML.1.x86_64.rpm
MD5: d8f00599fca83611c822257baf17bb8f
SHA-256: 6931d62cbfd68453cad817d0303406a82df4199eba05ab01a086af7b380ea662
Size: 33.45 kB - python3-pillow-doc-5.1.1-18.el8_9.1.ML.1.noarch.rpm
MD5: 6e3cb7a84e47c62a275b9aa634573bda
SHA-256: 4da11444a67be3e2218c78edd39d0adf69adf9eb37b499cf137b7d18be670baa
Size: 1.99 MB - python3-pillow-tk-5.1.1-18.el8_9.1.ML.1.x86_64.rpm
MD5: 8a0ee0f6f69af4c873396cc4c2eb34cd
SHA-256: e2eb6aa038991d79cb6f7af9688d8bc2d5c7e0cef65fae5b43654eb64cbea547
Size: 36.61 kB