ELSA-2020-0578
- ULN >
- Oracle Linux Errata repository >
- ELSA-2020-0578
ELSA-2020-0578 - python-pillow security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2020-02-25 |
Description
[2.0.0-20gitd1c6db8]
- Combined fixes for CVE-2020-5312 and CVE-2019-16865
Resolves: rhbz#1789533
Resolves: rhbz#1774066
[2.0.0-19gitd1c6db8]
- Reenabled webp support on little endian archs.
[2.0.0-18gitd1c6db8]
- Disabled webp support on ppc64le due to #962091 and #1127230.
- Updated URL.
[2.0.0-17gitd1c6db8]
- Wiped out some memory leaks.
[2.0.0-15.gitd1c6db8]
- Mass rebuild 2014-01-24
[2.0.0-14gitd1c6db8]
- Fixed memory corruption.
- Resolves: rhbz#1001122
[2.0.0-13.gitd1c6db8]
- Mass rebuild 2013-12-27
[2.0.0-12]
- Mark doc subpackage arch dependent. Docs are built depending on supported
features, which are different across archs.
Resolves: rhbz#987839
[2.0.0-11]
- Drop lcms support
Resolves: rhbz#987839
[2.0.0-10]
- Build without webp support on s390* archs
Resolves: rhbz#962059
[2.0.0-9.gitd1c6db8]
- Conditionaly disable build of python3 parts on RHEL system
[2.0.0-8.gitd1c6db8]
- Add patch to fix test failure on big-endian
[2.0.0-7.gitd1c6db8]
- Remove Obsoletes in the python-pillow-qt subpackage. Obsoletes isn't
appropriate since qt support didn't exist in the previous python-pillow
package so there's no reason to drag in python-pillow-qt when updating
python-pillow.
[2.0.0-6.gitd1c6db8]
- Update to latest git
- python-pillow_quantization.patch now upstream
- python-pillow_endianness.patch now upstream
- Add subpackage for ImageQt module, with correct dependencies
- Add PyQt4 and numpy BR (for generating docs / running tests)
[2.0.0-5.git93a488e]
- Reenable tests on bigendian, add patches for #928927
[2.0.0-4.git93a488e]
- Update to latest git
- disable tests on bigendian (PPC*, S390*) until rhbz#928927 is fixed
[2.0.0-3.gitde210a2]
- python-pillow_tempfile.patch now upstream
- Add python3-imaging provides (bug #924867)
[2.0.0-2.git2e88848]
- Update to latest git
- Remove python-pillow-disable-test.patch, gcc is now fixed
- Add python-pillow_tempfile.patch to prevent a temporary file from getting packaged
[2.0.0-1.git2f4207c]
- Update to 2.0.0 git snapshot
- Enable python3 packages
- Add libwebp-devel BR for Pillow 2.0.0
[1.7.8-6.20130305git]
- Add ARM support
[1.7.8-5.20130305git]
- add s390* and ppc* to arch detection
[1.7.8-4.20130305git7866759]
- Update to latest git snapshot
- 0001-Cast-hash-table-values-to-unsigned-long.patch now upstream
- Pillow-1.7.8-selftest.patch now upstream
[1.7.8-3.20130210gite09ff61]
- Really remove -fno-strict-aliasing
- Place comment on how to retreive source just above the Source0 line
[1.7.8-2.20130210gite09ff61]
- Rebuild without -fno-strict-aliasing
- Add patch for upstream issue #52
[1.7.8-1.20130210gite09ff61]
- Initial RPM package
Related CVEs
| CVE-2019-16865 |
| CVE-2020-5312 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 7 (aarch64) | python-pillow-2.0.0-20.gitd1c6db8.el7_7.src.rpm | 1a3c978b412efb50c25ce86f7fdd1a1b | ELSA-2020-3887 |
| python-pillow-2.0.0-20.gitd1c6db8.el7_7.aarch64.rpm | 1f69c161d4f4d5d720b6756dcfbac762 | ELSA-2020-3887 | |
| python-pillow-devel-2.0.0-20.gitd1c6db8.el7_7.aarch64.rpm | 8e5d0316962e2848d6cdb26923774393 | ELSA-2020-3887 | |
| python-pillow-doc-2.0.0-20.gitd1c6db8.el7_7.aarch64.rpm | 8f8bf87ff809ed4643ac9798ed1fbc0a | ELSA-2020-3887 | |
| python-pillow-qt-2.0.0-20.gitd1c6db8.el7_7.aarch64.rpm | 64e2c23759e43f17ab3b4499aea84384 | ELSA-2020-3887 | |
| python-pillow-sane-2.0.0-20.gitd1c6db8.el7_7.aarch64.rpm | b210a0318bb8d8fbeca1217f802f51cc | ELSA-2020-3887 | |
| python-pillow-tk-2.0.0-20.gitd1c6db8.el7_7.aarch64.rpm | ca1a88f99a435ca5c300fa7f0618b108 | ELSA-2020-3887 | |
| Oracle Linux 7 (x86_64) | python-pillow-2.0.0-20.gitd1c6db8.el7_7.src.rpm | 1a3c978b412efb50c25ce86f7fdd1a1b | ELSA-2020-3887 |
| python-pillow-2.0.0-20.gitd1c6db8.el7_7.i686.rpm | 6c8641f8a17707b73b208fec70c5981b | ELSA-2020-3887 | |
| python-pillow-2.0.0-20.gitd1c6db8.el7_7.x86_64.rpm | 1ebdc062a6dd4d4384a7cabfa159d332 | ELSA-2020-3887 | |
| python-pillow-devel-2.0.0-20.gitd1c6db8.el7_7.i686.rpm | f28630db064452e5f211c55accc8f50b | ELSA-2020-3887 | |
| python-pillow-devel-2.0.0-20.gitd1c6db8.el7_7.x86_64.rpm | a54aae48a70d784e0e89600c30050565 | ELSA-2020-3887 | |
| python-pillow-doc-2.0.0-20.gitd1c6db8.el7_7.x86_64.rpm | ac2c84b8425a0fd2ecb45689bb75d1c1 | ELSA-2020-3887 | |
| python-pillow-qt-2.0.0-20.gitd1c6db8.el7_7.x86_64.rpm | 14480420a623f26c37e36a2a060bb0f5 | ELSA-2020-3887 | |
| python-pillow-sane-2.0.0-20.gitd1c6db8.el7_7.x86_64.rpm | c9f37b9981e17d90f5aa4260bf436026 | ELSA-2020-3887 | |
| python-pillow-tk-2.0.0-20.gitd1c6db8.el7_7.x86_64.rpm | 394673a69cf27adbf1dcd29cfe24d0ef | ELSA-2020-3887 | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
