4 matches found
python-pillow: out-of-bounds reads/writes in the parsing of SGI image files in expandrow/expandrow2
An out-of-bounds read/write flaw was found in python-pillow, in the way SGI RLE images are decoded. An application that uses python-pillow to decode untrusted images may be vulnerable. This flaw allows an attacker to crash the application or potentially execute code on the system. The highest...
Oracle Linux 8 : python-pillow (ELSA-2020-3185)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-3185 advisory: Fix for CVE-2020-5313 (Resolves: rhbz1789532). Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...
python-pillow security update
5.1.1-10 - Bump and rebuild for gating to deliver CVE fixes. Resolves: rhbz1789535
5.1.1-9 - Fix for CVE-2020-5311 - out-of-bounds write in expandrow. Resolves: rhbz1789535
5.1.1-8 - Combined fixes for CVE-2020-5312 and CVE-2019-16865. Resolves: rhbz1789533 Resolves: rhbz1774066...
python: rgbimg: multiple security issues
Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the (1) longimagedata or (2) expandrow function...