USN-3090-2 -- pillow regresssionID: oval:org.secpod.oval:def:703290 | Date: (C)2016-10-03 (M)2023-12-26 |
Class: PATCH | Family: unix |
pillow: Python Imaging Library compatibility layer Details: USN-3090-1 fixed vulnerabilities in Pillow. The patch to fix CVE-2014-9601 caused a regression which resulted in failures when processing certain png images. This update temporarily reverts the security fix for CVE-2014-9601 pending further investigation. We apologize for the inconvenience. Original advisory Pillow could be made to crash if it received specially crafted input or opened a specially crafted file.
Product: |
python-imaging |
python-pil |
python3-imaging |
python3-pil |