Advisories » MGASA-2016-0383

Updated python-pillow packages fix security vulnerabilities

Publication date: 17 Nov 2016
Modification date: 17 Nov 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-9189 , CVE-2016-9190

Description

It was discovered that there were a number of memory overflow issues
in python-pillow, a Python image manipulation library. (CVE-2016-9189
and CVE-2016-9190)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=19739
• https://github.com/python-pillow/Pillow/issues/2105
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9189
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9190

SRPMS

5/core

• python-pillow-2.6.2-2.6.mga5