|
|
Subscribe / Log in / New account

python-imaging, python-pillow: code execution

Package(s):python-imaging, python-pillow CVE #(s):CVE-2014-3007
Created:November 21, 2014 Updated:December 3, 2014
Description:

From the Mageia advisory:

Python Image Library (PIL) 1.1.7 and earlier and Pillow 2.3 might allow remote attackers to execute arbitrary commands via shell metacharacters, due to an incomplete fix for CVE-2014-1932 (CVE-2014-3007).

Alerts:
Mandriva MDVSA-2015:099 python-pillow 2015-03-28
Fedora FEDORA-2014-14980 python-pillow 2014-11-22
Fedora FEDORA-2014-14883 python-pillow 2014-11-22
Mageia MGASA-2014-0476 python-imaging, python-pillow 2014-11-21
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds