-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2020-87fd65eed3 2020-01-30 23:43:00.777242 --------------------------------------------------------------------------------
Name : python3-pillow Product : Fedora EPEL 7 Version : 6.2.2 Release : 1.el7 URL : http://python-pillow.github.io/ Summary : Python image processing library Description : Python image processing library, fork of the Python Imaging Library (PIL)
This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities.
There are four subpackages: tk (tk interface), qt (PIL image wrapper for Qt), devel (development) and doc (documentation).
-------------------------------------------------------------------------------- Update Information:
Update to 6.2.2 - See https://pillow.readthedocs.io/en/stable/releasenotes/6.2.2.html -------------------------------------------------------------------------------- ChangeLog:
* Sat Jan 11 2020 Orion Poplawski orion@nwra.com - 6.2.2-1 - Update to 6.2.2 (Resolves CVE-2020-5313, CVE-2020-5312, CVE-2020-5311, CVE-2020-5310, bz#1789542) * Tue May 14 2019 Orion Poplawski orion@nwra.com - 6.0.0-2 - Require python3-qt5 instead of python3-Qt4 * Wed May 8 2019 Orion Poplawski orion@nwra.com - 6.0.0-1 - Adapt for python3 for EPEL7 * Tue Apr 2 2019 Sandro Mani manisandro@gmail.com - 6.0.0-1 - Update to 6.0.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1789532 - CVE-2020-5313 python-pillow: Buffer overflow in libImaging/FliDecode.c https://bugzilla.redhat.com/show_bug.cgi?id=1789532 [ 2 ] Bug #1789540 - CVE-2019-19911 python-pillow: Out of memory issue in FpxImagePlugin.py https://bugzilla.redhat.com/show_bug.cgi?id=1789540 [ 3 ] Bug #1789538 - CVE-2020-5310 python-pillow: Integer overflow in libImaging/TiffDecode.c https://bugzilla.redhat.com/show_bug.cgi?id=1789538 [ 4 ] Bug #1789533 - CVE-2020-5312 python-pillow: Buffer overflow in libImaging/PcxDecode.c https://bugzilla.redhat.com/show_bug.cgi?id=1789533 [ 5 ] Bug #1789535 - CVE-2020-5311 python-pillow: Buffer overflow in libImaging/SgiRleDecode.c https://bugzilla.redhat.com/show_bug.cgi?id=1789535 --------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use su -c 'yum update python3-pillow' at the command line. For more information, refer to "YUM", available at https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7%5C /html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
epel-package-announce@lists.fedoraproject.org