Stay Secure with the Latest Linux Advisories

security advisoryFedoraupdate information

Fedora 30: FEDORA-2019-19a161d540 Moderate: python-pillow Memory Issue

This update backports fixes for CVE-2019-16865.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2019-19a161d540 2019-12-05 01:09:44.879927 --------------------------------------------------------------------------------Name : python-pillow Product : Fedora 30 Version : 5.4.1 Release : 3.fc30 URL : / Summary : Python image processing library Description : Python image processing library, fork of the Python Imaging Library (PIL) This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk (tk interface), qt (PIL image wrapper for Qt), devel (development) and doc (documentation). --------------------------------------------------------------------------------Update Information: This update backports fixes for CVE-2019-16865. --------------------------------------------------------------------------------ChangeLog: * Tue Nov 26 2019 Sandro Mani - 5.4.1-3 - Backport patches for CVE-2019-16865 --------------------------------------------------------------------------------References: [ 1 ] Bug #1774067 - CVE-2019-16865 python-pillow: reading specially crafted image files leads to allocation of large amounts of memory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1774067 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-19a161d540' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . This Ubuntu update informs users of retrofitted resolutions for CVE-2021-21345 in libjpeg-turbo, improving performance reliability.. python pillow update, Fedora security advisory, memory allocation fixes. . Severity: Important. LinuxSecurity.com Team

Dec 04, 2019 •Important Fedora