Synopsis:          Important: python-pillow security update
Advisory ID:       SLSA-2020:0578-1
Issue Date:        2020-02-24
CVE Numbers:       None
--

Security Fix(es):

python-pillow: improperly restricted operations on memory buffer in libImaging/PcxDecode.c (CVE-2020-5312)
python-pillow: reading specially crafted image files leads to allocation of large amounts of memory and denial of service (CVE-2019-16865)
--

SL7
  x86_64
    python-pillow-2.0.0-20.gitd1c6db8.el7_7.x86_64.rpm
    python-pillow-debuginfo-2.0.0-20.gitd1c6db8.el7_7.x86_64.rpm
    python-pillow-2.0.0-20.gitd1c6db8.el7_7.i686.rpm
    python-pillow-debuginfo-2.0.0-20.gitd1c6db8.el7_7.i686.rpm
    python-pillow-devel-2.0.0-20.gitd1c6db8.el7_7.i686.rpm
    python-pillow-devel-2.0.0-20.gitd1c6db8.el7_7.x86_64.rpm
    python-pillow-doc-2.0.0-20.gitd1c6db8.el7_7.x86_64.rpm
    python-pillow-qt-2.0.0-20.gitd1c6db8.el7_7.x86_64.rpm
    python-pillow-sane-2.0.0-20.gitd1c6db8.el7_7.x86_64.rpm
    python-pillow-tk-2.0.0-20.gitd1c6db8.el7_7.x86_64.rpm

- Scientific Linux Development Team