On Mon, Jun 02, 2014 at 10:39:56PM +0200, Nicolas Chauvet wrote:
python-pillow-2.2.1-4.fc20.src.rpm
This one can be fixed by upgrading to 2.3.0 (or greater. 2.4.0 is current). 2.4.0 is what's in rawhide. Not sure if that's safe to push back to f20 and earlier. (Although I see that there's an insecure use of tempfile CVE that was ficed in 2.3.1 so maybe it makes sense to update even if there is API breakage.)
@smani: Do you have more information here?
-Toshio