Описание
Security update for python-Pillow
This update for python-Pillow fixes the following issues:
- CVE-2024-28219: Fixed buffer overflow in _imagingcms.c (bsc#1222262)
Список пакетов
openSUSE Leap 15.5
python3-Pillow-7.2.0-150300.3.9.1
python3-Pillow-tk-7.2.0-150300.3.9.1
Ссылки
- Link for SUSE-SU-2024:1154-1
- E-Mail link for SUSE-SU-2024:1154-1
- SUSE Security Ratings
- SUSE Bug 1222262
- SUSE CVE CVE-2024-28219 page
Описание
In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.
Затронутые продукты
openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.9.1
openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.9.1
Ссылки
- CVE-2024-28219
- SUSE Bug 1222262