Updated python-pillow packages fix security vulnerabilities
Publication date: 18 Jun 2026Modification date: 18 Jun 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-42308 , CVE-2026-42310
Description
Integer overflow when processing fonts. (CVE-2026-42308)
PDF Parsing Trailer Infinite Loop (DoS). (CVE-2026-42310)
References
- https://bugs.mageia.org/show_bug.cgi?id=35657
- https://ubuntu.com/security/notices/USN-8399-1
- https://github.com/python-pillow/Pillow/security/advisories/GHSA-r73j-pqj5-w3x7
- https://github.com/python-pillow/Pillow/security/advisories/GHSA-wjx4-4jcj-g98j
- https://www.cve.org/CVERecord?id=CVE-2026-42308
- https://www.cve.org/CVERecord?id=CVE-2026-42310
SRPMS
9/core
- python-pillow-9.2.0-3.3.mga9