Advisories » MGASA-2014-0343

Updated python-imaging & python-pillow packages fix CVE-2014-3589

Publication date: 21 Aug 2014
Modification date: 21 Aug 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-3589

Description

Updated python-imaging and python-pillow packages fix security vulnerabilities:

The Python Imaging Library is vulnerable to a denial of service attack in the
IcnsImagePlugin (CVE-2014-3589).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=13916
• https://pypi.python.org/pypi/Pillow/2.3.2
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3589

SRPMS

3/core

• python-imaging-1.1.7-7.2.mga3

4/core

• python-pillow-2.2.1-0.5.mga4