You are here
Home > Preporuke > Sigurnosni propust programskog paketa python-pillow

Sigurnosni propust programskog paketa python-pillow

——————————————————————————–
Fedora Update Notification
FEDORA-2014-5487
2014-04-23 03:00:01
——————————————————————————–

Name : python-pillow
Product : Fedora 19
Version : 2.0.0
Release : 13.gitd1c6db8.fc19
URL : http://python-imaging.github.com/Pillow/
Summary : Python image processing library
Description :
Python image processing library, fork of the Python Imaging Library (PIL)

This library provides extensive file format support, an efficient
internal representation, and powerful image processing capabilities.

There are five subpackages: tk (tk interface), qt (PIL image wrapper for Qt),
sane (scanning devices interface), devel (development) and doc (documentation).

——————————————————————————–
Update Information:

This update fixes CVE-2014-1933 (rhbz #1063663).
——————————————————————————–
ChangeLog:

* Tue Apr 22 2014 Sandro Mani <manisandro@gmail.com> – 2.0.0-13.gitd1c6db8
– Fix CVE-2014-1933 (rhbz #1063660)
* Thu Mar 13 2014 Jakub Dorňák <jdornak@redhat.com> – 2.0.0-12.gitd1c6db8
– python-pillow does not provide python3-imaging
(python3-pillow does)
* Wed Aug 28 2013 Sandro Mani <manisandro@gmail.com> – 2.0.0-11.gitd1c6db8
– Add patch to fix memory corruption caused by invalid palette size, see rhbz#1001122
——————————————————————————–
References:

[ 1 ] Bug #1063660 – CVE-2014-1933 Python imaging: insecure temporary file handling
https://bugzilla.redhat.com/show_bug.cgi?id=1063660
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update python-pillow’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

——————————————————————————–
Fedora Update Notification
FEDORA-2014-5492
2014-04-23 03:00:44
——————————————————————————–

Name : python-pillow
Product : Fedora 20
Version : 2.2.1
Release : 4.fc20
URL : http://python-imaging.github.com/Pillow/
Summary : Python image processing library
Description :
Python image processing library, fork of the Python Imaging Library (PIL)

This library provides extensive file format support, an efficient
internal representation, and powerful image processing capabilities.

There are five subpackages: tk (tk interface), qt (PIL image wrapper for Qt),
sane (scanning devices interface), devel (development) and doc (documentation).

——————————————————————————–
Update Information:

This update fixes CVE-2014-1933 (rhbz #1063663).
——————————————————————————–
ChangeLog:

* Tue Apr 22 2014 Sandro Mani <manisandro@gmail.com> – 2.2.1-4
– Fix CVE-2014-1933 (rhbz #1063660)
* Thu Mar 13 2014 Jakub Dorňák <jdornak@redhat.com> – 2.2.1-3
– python-pillow does not provide python3-imaging
(python3-pillow does)
——————————————————————————–
References:

[ 1 ] Bug #1063660 – CVE-2014-1933 Python imaging: insecure temporary file handling
https://bugzilla.redhat.com/show_bug.cgi?id=1063660
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update python-pillow’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Top
More in Preporuke
Nadogradja za firefox i thunderbird

Izdana je nadogradnja za otklanjanje višestrukih ranjivosti u firefoxu i thunderbirdu za Fedoru. Otkrivene ranjivosti u raznim dijelovima firefoxa i...

Close