ELSA-2020-3185

Опубликовано: 29 июл. 2020

Источник: oracle-oval

Платформа: Oracle Linux 8

Описание

ELSA-2020-3185: python-pillow security update (IMPORTANT)

[5.1.1-12]

Fix for CVE-2020-5313 Resolves: rhbz#1789532

[5.1.1-11]

Fix for CVE-2020-11538 Resolves: rhbz#1852814

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

python3-pillow

5.1.1-12.el8_2

Oracle Linux x86_64

python3-pillow

5.1.1-12.el8_2

Связанные CVE

CVE-2020-5313

CVE-2020-11538

Ссылки на источники

Связанные уязвимости

RLSA-2020:3185

rocky

больше 5 лет назад

Important: python-pillow security update

CVE-2020-11538

CVSS3: 8.1

ubuntu

больше 5 лет назад

In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311.

CVE-2020-11538

CVSS3: 8.1

redhat

больше 5 лет назад

In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311.

CVE-2020-11538

CVSS3: 8.1

nvd

больше 5 лет назад

In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311.

CVE-2020-11538

CVSS3: 8.1

debian

больше 5 лет назад

In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out- ...