python-pillow-5.1.1-22.el8_10
エラータID: AXSA:2026-1268:01
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
* python-pillow: Pillow: Denial of Service via crafted BDF font file (CVE-2026-55379)
* python-pillow: Pillow: Denial of Service via crafted GD 2.x image file (CVE-2026-55380)
* python-pillow: Pillow: Denial of Service via crafted PCF font data (CVE-2026-54059)
* python-pillow: Pillow: Denial of Service via excessive memory allocation when processing font files (CVE-2026-54060)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2026-54059
Pillow is a Python imaging library. Prior to 12.3.0, PIL/PcfFontFile.py _load_bitmaps() read glyph dimensions from the PCF METRICS section and passed them directly to Image.frombytes() without calling Image._decompression_bomb_check(), allowing crafted PCF font data to cause excessive memory allocation. This issue is fixed in version 12.3.0.
CVE-2026-54060
Pillow is a Python imaging library. Prior to 12.3.0, PIL/FontFile.py FontFile.compile() assembled per-glyph images into a combined bitmap with Image.new("1", (xsize, ysize)) without calling Image._decompression_bomb_check(), allowing a font to trigger excessive allocation during conversion or saving. This issue is fixed in version 12.3.0.
CVE-2026-55379
Pillow is a Python imaging library. Prior to 12.3.0, PIL/BdfFontFile.py bdf_char() read the BBX width and height field from a BDF font file and passed attacker-controlled dimensions to Image.new() without calling Image._decompression_bomb_check(), bypassing Pillow's documented decompression bomb protection and allowing excessive memory allocation. This issue is fixed in version 12.3.0.
CVE-2026-55380
Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile._open() read image dimensions from the GD 2.x header and stored them in self._size without calling Image._decompression_bomb_check(), allowing a crafted .gd file to trigger excessive C-heap allocation when loaded. This issue is fixed in version 12.3.0.
Update packages.
Pillow is a Python imaging library. Prior to 12.3.0, PIL/PcfFontFile.py _load_bitmaps() read glyph dimensions from the PCF METRICS section and passed them directly to Image.frombytes() without calling Image._decompression_bomb_check(), allowing crafted PCF font data to cause excessive memory allocation. This issue is fixed in version 12.3.0.
Pillow is a Python imaging library. Prior to 12.3.0, PIL/FontFile.py FontFile.compile() assembled per-glyph images into a combined bitmap with Image.new("1", (xsize, ysize)) without calling Image._decompression_bomb_check(), allowing a font to trigger excessive allocation during conversion or saving. This issue is fixed in version 12.3.0.
Pillow is a Python imaging library. Prior to 12.3.0, PIL/BdfFontFile.py bdf_char() read the BBX width and height field from a BDF font file and passed attacker-controlled dimensions to Image.new() without calling Image._decompression_bomb_check(), bypassing Pillow's documented decompression bomb protection and allowing excessive memory allocation. This issue is fixed in version 12.3.0.
Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile._open() read image dimensions from the GD 2.x header and stored them in self._size without calling Image._decompression_bomb_check(), allowing a crafted .gd file to trigger excessive C-heap allocation when loaded. This issue is fixed in version 12.3.0.
N/A
SRPMS
- python-pillow-5.1.1-22.el8_10.src.rpm
MD5: f4cd602f92550d8225c5c26172d02967
SHA-256: 09835bd18f70c162137cbec67c20cd9e3cbfbb8b6169dd9861b010f8ac106d67
Size: 13.52 MB
Asianux Server 8 for x86_64
- python3-pillow-5.1.1-22.el8_10.i686.rpm
MD5: 8d1e10050def9a7a4d98ad752688d094
SHA-256: 7b08c60515ddc475596871e83728725ead35e43a39ab78bf58fdec8240c89283
Size: 640.59 kB - python3-pillow-5.1.1-22.el8_10.x86_64.rpm
MD5: 4dfa1cda5935d837b462e18d8e96706c
SHA-256: 10418790421180d153dfa7bc48978ac9712abf537ab89b5f949c3503a94007c2
Size: 632.02 kB - python3-pillow-devel-5.1.1-22.el8_10.i686.rpm
MD5: 7a55ad5b3f771828dd529b63d50d2150
SHA-256: 0232c3ef3a23bd7599d4cbebdc034f275df8f7e1d11de073d00899b5c7c88b57
Size: 33.75 kB - python3-pillow-devel-5.1.1-22.el8_10.x86_64.rpm
MD5: fa8afe7306d1cb0d15dc1fd6a14d724f
SHA-256: 900152b55b7ef79cdd177848733f0fe90a5c035358fc997c863ac3f1fe7b48fa
Size: 33.72 kB - python3-pillow-doc-5.1.1-22.el8_10.noarch.rpm
MD5: e2477203eb572aec84e4718cdedc2d0b
SHA-256: 59aa2832fdc72c26d5f3fa003c73dbfd10d4279be60427b4fb9928f82ae94f32
Size: 1.99 MB - python3-pillow-tk-5.1.1-22.el8_10.x86_64.rpm
MD5: 4858263b3a1daaf8ccddd1006d1b4a74
SHA-256: 1616fb55aaa012150fb040c4de45f03e6b8aa940be807c4fd998440b4dc1acd3
Size: 36.88 kB