RHSA-2021:4149-01 -- Red Hat python-pillow, python3-pillow
ID: oval:org.secpod.oval:def:506463 | Date: (C)2021-11-22 (M)2023-12-26 |
Class: PATCH | Family: unix |
The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities.

Security Fix:
* python-pillow: Out-of-bounds read in J2K image reader
* python-pillow: Out-of-bounds read in J2K image reader
* python-pillow: Negative-offset memcpy in TIFF image reader
* python-pillow: Regular expression DoS in PDF format parser
* python-pillow: Out-of-bounds read in SGI RLE image reader
* python-pillow: Excessive memory allocation in BLP image reader
* python-pillow: Excessive memory allocation in ICNS image reader
* python-pillow: Excessive memory allocation in ICO image reader
* python-pillow: Excessive memory allocation in PSD image reader
* python-pillow: Infinite loop in FLI image reader
* python-pillow: Excessive CPU use in EPS image reader
* python-pillow: Excessive looping in BLP image reader
* python-pillow: Buffer overflow in image convert function
* python-pillow: Buffer over-read in PCX image reader
* python-pillow: Buffer over-read in SGI RLE image reader

For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.

Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.
Platform: Red Hat Enterprise Linux 8 |
Product: python-pillow, python3-pillow |