Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 5 articles for you...
217
security advisorymoderatesecurity updateOracle Linux 8: ELSA-2024-4227 Moderate: Python Pillow Security Update
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-4227 http://linux.oracle.com/errata/ELSA-2024-4227.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: python3-pillow-5.1.1-21.el8_10.x86_64.rpm python3-pillow-5.1.1-21.el8_10.i686.rpm python3-pillow-devel-5.1.1-21.el8_10.i686.rpm python3-pillow-devel-5.1.1-21.el8_10.x86_64.rpm python3-pillow-doc-5.1.1-21.el8_10.noarch.rpm python3-pillow-tk-5.1.1-21.el8_10.x86_64.rpm aarch64: python3-pillow-5.1.1-21.el8_10.aarch64.rpm python3-pillow-devel-5.1.1-21.el8_10.aarch64.rpm python3-pillow-doc-5.1.1-21.el8_10.noarch.rpm python3-pillow-tk-5.1.1-21.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//python-pillow-5.1.1-21.el8_10.src.rpm Related CVEs: CVE-2024-28219 Description of changes: [5.1.1-21] - Security fix for CVE-2024-28219 Resolves: RHEL-31071 _______________________________________________ El-errata mailing list
Jul 05, 2024
Oracle
89
security advisoryfedorabuffer overflowFedora 39: FEDORA-2024-e4b1b4eab1 Critical: Python Pillow Buffer Overflow
Update to 10.3.0.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-e4b1b4eab1 2024-04-10 04:04:22.640593 -------------------------------------------------------------------------------- Name : python-pillow Product : Fedora 39 Version : 10.3.0 Release : 1.fc39 URL : Summary : Python image processing library Description : Python image processing library, fork of the Python Imaging Library (PIL) This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk (tk interface), qt (PIL image wrapper for Qt), devel (development) and doc (documentation). -------------------------------------------------------------------------------- Update Information: Update to 10.3.0. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 2 2024 Sandro Mani - 10.3.0-1 - Update to 10.3.0 * Fri Jan 26 2024 Fedora Release Engineering - 10.2.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Mon Jan 22 2024 Fedora Release Engineering - 10.2.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2272567 - TRIAGE CVE-2024-28219 python-pillow: buffer overflow in _imagingcms.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2272567 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-e4b1b4eab1' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the FedoraProject can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Apr 10, 2024
•Critical
Fedora
217
security advisorymoderatesecurity updateOracle Linux 7 ELSA-2024-0456 moderate: python-requests security update
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-0345 https://linux.oracle.com/errata/ELSA-2024-0345.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: python-pillow-2.0.0-24.gitd1c6db8.el7_9.aarch64.rpm python-pillow-devel-2.0.0-24.gitd1c6db8.el7_9.aarch64.rpm python-pillow-doc-2.0.0-24.gitd1c6db8.el7_9.aarch64.rpm python-pillow-qt-2.0.0-24.gitd1c6db8.el7_9.aarch64.rpm python-pillow-sane-2.0.0-24.gitd1c6db8.el7_9.aarch64.rpm python-pillow-tk-2.0.0-24.gitd1c6db8.el7_9.aarch64.rpm SRPMS: https://oss.oracle.com:443/ol7/SRPMS-updates//python-pillow-2.0.0-24.gitd1c6db8.el7_9.src.rpm Related CVEs: CVE-2023-44271 Description of changes: [2.0.0-24gitd1c6db8] - Security fix for CVE-2023-44271 Resolves: RHEL-15459 _______________________________________________ El-errata mailing list
Jan 25, 2024
Oracle
89
security advisoryfedoracriticalFedora 38: 2023-1a120657f9 Critical Resource Issue in Python Pillow
Update to 9.5.0, backport fix for CVE-2023-44271.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-1a120657f9 2023-11-12 01:42:07.505752 -------------------------------------------------------------------------------- Name : python-pillow Product : Fedora 38 Version : 9.5.0 Release : 1.fc38 URL : Summary : Python image processing library Description : Python image processing library, fork of the Python Imaging Library (PIL) This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk (tk interface), qt (PIL image wrapper for Qt), devel (development) and doc (documentation). -------------------------------------------------------------------------------- Update Information: Update to 9.5.0, backport fix for CVE-2023-44271. -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 3 2023 Sandro Mani - 9.5.0-1 - Update to 9.5.0 - Backport fix for CVE-2023-44271 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2247821 - CVE-2023-44271 python-pillow: uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2247821 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-1a120657f9' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Nov 12, 2023
•Critical
Fedora
219
security advisorymoderatesecurity patchRocky Linux 8 RLSA-2021:4149 Moderate: Python-Pillow Security Update
Moderate: python-pillow security update. \{'type': 'Security', 'shortCode': 'RL', 'name': 'RLSA-2021:4149', 'synopsis': 'Moderate: python-pillow security update', 'severity': 'Moderate', 'topic': 'An update for python-pillow is now available for Rocky Linux 8.\nRocky Linux Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.', 'description': 'The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities.\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\nAdditional Changes:\nFor detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section.', 'solution': None, 'affectedProducts': ['Rocky Linux 8'], 'fixes': ['1915420', '1915432', '1934685', '1934699', '1934705', '1935384', '1935396', '1935401', '1958226', '1958231', '1958240', '1958252', '1958257', '1958263', '1982378'], 'cves': ['Red Hat:::https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-34552.json:::CVE-2021-34552'], 'references': [], 'publishedAt': '2021-11-15T07:26:57.345572Z', 'rpms': ['python3-pillow-5.1.1-16.el8.aarch64.rpm', 'python3-pillow-5.1.1-16.el8.i686.rpm', 'python3-pillow-5.1.1-16.el8.x86_64.rpm', 'python3-pillow-debuginfo-5.1.1-16.el8.aarch64.rpm', 'python3-pillow-debuginfo-5.1.1-16.el8.i686.rpm', 'python3-pillow-debuginfo-5.1.1-16.el8.x86_64.rpm', 'python3-pillow-devel-5.1.1-16.el8.aarch64.rpm', 'python3-pillow-devel-5.1.1-16.el8.i686.rpm', 'python3-pillow-devel-5.1.1-16.el8.x86_64.rpm', 'python3-pillow-doc-5.1.1-16.el8.noarch.rpm', 'python3-pillow-tk-5.1.1-16.el8.aarch64.rpm','python3-pillow-tk-5.1.1-16.el8.x86_64.rpm', 'python3-pillow-tk-debuginfo-5.1.1-16.el8.aarch64.rpm', 'python3-pillow-tk-debuginfo-5.1.1-16.el8.x86_64.rpm', 'python-pillow-5.1.1-16.el8.src.rpm', 'python-pillow-debuginfo-5.1.1-16.el8.aarch64.rpm', 'python-pillow-debuginfo-5.1.1-16.el8.i686.rpm', 'python-pillow-debuginfo-5.1.1-16.el8.x86_64.rpm']}\. Debian Linux has released a ruby-rails update deemed essential, enhancing web application security and stability.. Rocky Linux Update, Python Pillow Security, Moderate Security Update. . LinuxSecurity.com Team
Sep 02, 2022
Rocky Linux
89
security advisoryFedoraDoSFedora 35 FEDORA-2022-64332f2a7c Moderate: python pillow DoS
Backport fix for CVE-2022-24303.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-64332f2a7c 2022-04-05 15:42:46.531407 --------------------------------------------------------------------------------Name : mingw-python-pillow Product : Fedora 35 Version : 8.3.2 Release : 3.fc35 URL : / Summary : MinGW Windows Python pillow library Description : MinGW Windows Python pillow library. --------------------------------------------------------------------------------Update Information: Backport fix for CVE-2022-24303. --------------------------------------------------------------------------------ChangeLog: * Mon Mar 28 2022 Sandro Mani - 8.3.2-3 - Backport fix for CVE-2022-24303 --------------------------------------------------------------------------------References: [ 1 ] Bug #2052683 - CVE-2022-24303 mingw-python-pillow: python-pillow: temporary directory with a space character allows removal of unrelated file after im.show() and related actions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2052683 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-64332f2a7c' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Apr 05, 2022
Fedora
89
security advisoryFedorapackage updateFedora 36: FEDORA-2022-2e4c6ac063 moderate: python pillow package fix
Fix incorrect mingw package name.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-2e4c6ac063 2022-03-26 14:56:28.653784 --------------------------------------------------------------------------------Name : python-pillow Product : Fedora 36 Version : 9.0.1 Release : 6.fc36 URL : Summary : Python image processing library Description : Python image processing library, fork of the Python Imaging Library (PIL) This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk (tk interface), qt (PIL image wrapper for Qt), devel (development) and doc (documentation). --------------------------------------------------------------------------------Update Information: Fix incorrect mingw package name. --------------------------------------------------------------------------------ChangeLog: * Thu Mar 3 2022 Sandro Mani - 9.0.1-6 - Fix name -> srcname --------------------------------------------------------------------------------References: [ 1 ] Bug #2052684 - CVE-2022-24303 python-pillow: temporary directory with a space character allows removal of unrelated file after im.show() and related actions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2052684 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-2e4c6ac063' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Mar 26, 2022
Fedora
89
security advisorymoderatefedoraFedora 36 FEDORA-2022-6746739d52 Moderate: Python Pillow Mingw Update
Add mingw subpackages.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-6746739d52 2022-03-26 14:56:28.650826 --------------------------------------------------------------------------------Name : python-pillow Product : Fedora 36 Version : 9.0.1 Release : 5.fc36 URL : Summary : Python image processing library Description : Python image processing library, fork of the Python Imaging Library (PIL) This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk (tk interface), qt (PIL image wrapper for Qt), devel (development) and doc (documentation). --------------------------------------------------------------------------------Update Information: Add mingw subpackages. --------------------------------------------------------------------------------ChangeLog: * Thu Feb 24 2022 Sandro Mani - 9.0.1-5 - Make mingw subpackages noarch * Thu Feb 24 2022 Sandro Mani - 9.0.1-4 - Add mingw subpackages --------------------------------------------------------------------------------References: [ 1 ] Bug #2060171 - F36FailsToInstall: mingw64-freeimage, mingw32-freeimage https://bugzilla.redhat.com/show_bug.cgi?id=2060171 [ 2 ] Bug #2060172 - F36FailsToInstall: mingw32-gdal, mingw64-gdal https://bugzilla.redhat.com/show_bug.cgi?id=2060172 [ 3 ] Bug #2060174 - F36FailsToInstall: mingw32-opencv, mingw64-opencv https://bugzilla.redhat.com/show_bug.cgi?id=2060174 [ 4 ] Bug #2060175 - F36FailsToInstall: mingw32-poppler, mingw64-poppler https://bugzilla.redhat.com/show_bug.cgi?id=2060175 [ 5 ] Bug #2060176 - F36FailsToInstall: mingw32-python3-shapely, mingw64-python3-shapely https://bugzilla.redhat.com/show_bug.cgi?id=2060176 [ 6 ] Bug #2060177 - F36FailsToInstall: mingw32-qtspell-qt5, mingw64-qtspell-qt5 https://bugzilla.redhat.com/show_bug.cgi?id=2060177 [ 7 ] Bug #2060358 - F36FailsToInstall: mingw32-python3-pyproj, mingw64-python3-pyproj https://bugzilla.redhat.com/show_bug.cgi?id=2060358 [ 8 ] Bug #2060816 - F36FailsToInstall: mingw64-SDL2_image, mingw32-SDL2_image https://bugzilla.redhat.com/show_bug.cgi?id=2060816 [ 9 ] Bug #2060818 - F36FailsToInstall: mingw32-qt5-qtimageformats, mingw64-qt5-qtimageformats https://bugzilla.redhat.com/show_bug.cgi?id=2060818 [ 10 ] Bug #2060819 - F36FailsToInstall: mingw32-qt5-qtwebkit, mingw64-qt5-qtwebkit https://bugzilla.redhat.com/show_bug.cgi?id=2060819 [ 11 ] Bug #2060820 - F36FailsToInstall: mingw32-qt6-qtimageformats, mingw64-qt6-qtimageformats https://bugzilla.redhat.com/show_bug.cgi?id=2060820 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-6746739d52' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Mar 26, 2022
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!