-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-19a161d540 2019-12-05 01:09:44.879927 --------------------------------------------------------------------------------
Name : python-pillow Product : Fedora 30 Version : 5.4.1 Release : 3.fc30 URL : http://python-pillow.github.io/ Summary : Python image processing library Description : Python image processing library, fork of the Python Imaging Library (PIL)
This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities.
There are four subpackages: tk (tk interface), qt (PIL image wrapper for Qt), devel (development) and doc (documentation).
-------------------------------------------------------------------------------- Update Information:
This update backports fixes for CVE-2019-16865. -------------------------------------------------------------------------------- ChangeLog:
* Tue Nov 26 2019 Sandro Mani manisandro@gmail.com - 5.4.1-3 - Backport patches for CVE-2019-16865 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1774067 - CVE-2019-16865 python-pillow: reading specially crafted image files leads to allocation of large amounts of memory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1774067 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-19a161d540' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------