14 lines
1011 B
JSON
14 lines
1011 B
JSON
{
|
|
"id": "openEuler-SA-2024-1451",
|
|
"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1451",
|
|
"title": "An update for python-pillow is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP2 and openEuler-22.03-LTS-SP3",
|
|
"severity": "Moderate",
|
|
"description": "Pillow is the friendly PIL fork by Alex Clark and Contributors. PIL is the Python Imaging \\ Library by Fredrik Lundh and Contributors. As of 2019, Pillow development is supported by Tidelift. %package -n python3-pillow Summary: Python 3 image processing library Provides: python3-imaging = -\r\n\r\nSecurity Fix(es):\r\n\r\nIn _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.(CVE-2024-28219)",
|
|
"cves": [
|
|
{
|
|
"id": "CVE-2024-28219",
|
|
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28219",
|
|
"severity": "Moderate"
|
|
}
|
|
]
|
|
} |