Huawei EulerOS Local Security Checks : Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2020-1707)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.2.2020.1707

Categoría: Huawei EulerOS Local Security Checks

Título: Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2020-1707)

Resumen: The remote host is missing an update for the Huawei EulerOS 'python-pillow' package(s) announced via the EulerOS-SA-2020-1707 advisory.

Descripción: Summary:
The remote host is missing an update for the Huawei EulerOS 'python-pillow' package(s) announced via the EulerOS-SA-2020-1707 advisory.

Vulnerability Insight:
libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.(CVE-2020-5313)

libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.(CVE-2020-5312)

Affected Software/OS:
'python-pillow' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.6.0.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2020-5312
Debian Security Information: DSA-4631 (Google Search)
https://www.debian.org/security/2020/dsa-4631
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3DUMIBUYGJRAVJCTFUWBRLVQKOUTVX5P/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MMU3WT2X64GS5WHDPKKC2WZA7UIIQ3A/
https://github.com/python-pillow/Pillow/commit/93b22b846e0269ee9594ff71a72bec02d2bea8fd
https://pillow.readthedocs.io/en/stable/releasenotes/6.2.2.html
RedHat Security Advisories: RHSA-2020:0566
https://access.redhat.com/errata/RHSA-2020:0566
RedHat Security Advisories: RHSA-2020:0578
https://access.redhat.com/errata/RHSA-2020:0578
RedHat Security Advisories: RHSA-2020:0580
https://access.redhat.com/errata/RHSA-2020:0580
RedHat Security Advisories: RHSA-2020:0681
https://access.redhat.com/errata/RHSA-2020:0681
RedHat Security Advisories: RHSA-2020:0683
https://access.redhat.com/errata/RHSA-2020:0683
RedHat Security Advisories: RHSA-2020:0694
https://access.redhat.com/errata/RHSA-2020:0694
https://usn.ubuntu.com/4272-1/
Common Vulnerability Exposure (CVE) ID: CVE-2020-5313
https://github.com/python-pillow/Pillow/commit/a09acd0decd8a87ccce939d5ff65dab59e7d365b

Copyright Copyright (C) 2020 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.2.2020.1707
Categoría:	Huawei EulerOS Local Security Checks
Título:	Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2020-1707)
Resumen:	The remote host is missing an update for the Huawei EulerOS 'python-pillow' package(s) announced via the EulerOS-SA-2020-1707 advisory.
Descripción:	Summary: The remote host is missing an update for the Huawei EulerOS 'python-pillow' package(s) announced via the EulerOS-SA-2020-1707 advisory. Vulnerability Insight: libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.(CVE-2020-5313) libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.(CVE-2020-5312) Affected Software/OS: 'python-pillow' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.6.0. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-5312 Debian Security Information: DSA-4631 (Google Search) https://www.debian.org/security/2020/dsa-4631 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3DUMIBUYGJRAVJCTFUWBRLVQKOUTVX5P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MMU3WT2X64GS5WHDPKKC2WZA7UIIQ3A/ https://github.com/python-pillow/Pillow/commit/93b22b846e0269ee9594ff71a72bec02d2bea8fd https://pillow.readthedocs.io/en/stable/releasenotes/6.2.2.html RedHat Security Advisories: RHSA-2020:0566 https://access.redhat.com/errata/RHSA-2020:0566 RedHat Security Advisories: RHSA-2020:0578 https://access.redhat.com/errata/RHSA-2020:0578 RedHat Security Advisories: RHSA-2020:0580 https://access.redhat.com/errata/RHSA-2020:0580 RedHat Security Advisories: RHSA-2020:0681 https://access.redhat.com/errata/RHSA-2020:0681 RedHat Security Advisories: RHSA-2020:0683 https://access.redhat.com/errata/RHSA-2020:0683 RedHat Security Advisories: RHSA-2020:0694 https://access.redhat.com/errata/RHSA-2020:0694 https://usn.ubuntu.com/4272-1/ Common Vulnerability Exposure (CVE) ID: CVE-2020-5313 https://github.com/python-pillow/Pillow/commit/a09acd0decd8a87ccce939d5ff65dab59e7d365b
Copyright	Copyright (C) 2020 Greenbone Networks GmbH