Ubuntu alert USN-8211-1 (pillow)
| From: | noreply+usn-bot@canonical.com | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-8211-1] Pillow vulnerability | |
| Date: | Mon, 27 Apr 2026 13:38:15 +0000 | |
| Message-ID: | <E1wHMAB-0003oi-Sn@lists.ubuntu.com> |
========================================================================== Ubuntu Security Notice USN-8211-1 April 27, 2026 pillow vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 Summary: Pillow could be made to crash if it opened a specially crafted file. Software Description: - pillow: Python Imaging Library Details: It was discovered that Pillow incorrectly handled certain FITS images. An attacker could possibly use this issue to cause Pillow to consume resources, leading to a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 python3-pil 11.3.0-1ubuntu1.2 python3-pil.imagetk 11.3.0-1ubuntu1.2 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8211-1 CVE-2026-40192 Package Information: https://launchpad.net/ubuntu/+source/pillow/11.3.0-1ubunt...
Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmnvZAcACgkQcpJm3tlz hgHpNhAAxyMVksh+Vym/inWFSBbrYuJ74dj6uzrEmGMyrRgcYnUaAvpXf//tN0hB 5pq6hBPp1/Pt99UIjvm+CgXeCl+1HDDczU0Kf2UN7F/mOLYK6tQGH1w7HeACZ4pp X2HKX7sM/EhoHoxBU8MMFwfgCrpPB7+M7oUuNRYpcRGUej78yr4aonQ+jB6F2kOk 9c3OxpLllcg5yjrZ7Q/wbl6Xe+oARR/InfuBXkVyHdRyaRY5h4OtxHLONxWdIWVj N6VaUtY2wmN3qOGOg0UWyg4xRtSEtkvEK3oAv3dMUNmMCJx5Mk+q3fOjhRF09BG9 BjWtEj7v/i/by6dj0kyz/snTTLvwqz/KmW3p1MbGn5NF7zswHhAqGSLi4bsQHThY JWthaKN18i9n/LK5jF87p2+dDiGJxIWnZHpXcBSAZnbYImJIXf07HNL+NclnWKy0 lybOJr0fdWHjYHqsOcLRvDdogrSfHWgVkuXk2vkaklpWN6fFaKQPudr5zwuiMsTZ FTJk8ECDz2j0ogqpy3mGI7NJtA0aj+jxntmHOXb/6eBHrAiQyTjUrgjQH/yB2hcD o1NkTw923nY0JsIIb+Nj9QnDspx6u9eN3NKJuOQOxJBT/F/z0tn2EWb5Y1mZ9v0d gqBVmWn3/iqeOjX8AAidxcfOGBodIuy8zsoT8yHC23cPZM7+lQA= =HX1h -----END PGP SIGNATURE-----