Updated python-pillow packages fix security vulnerability
Publication date: 29 Sep 2021Modification date: 29 Sep 2021
Type: security
Affected Mageia releases : 8
CVE: CVE-2021-23437
Description
Updated python-pillow packages fix security vulnerability: The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function (CVE-2021-23437).
References
SRPMS
8/core
- python-pillow-8.1.2-1.1.mga8