-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3724-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Chris Lamb January 29, 2024 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : pillow Version : 5.4.1-2+deb10u4 CVE ID : CVE-2023-50447 Debian Bug : 1061172 It was discovered that there was a potential arbitrary code execution vulnerability in pillow, a popular library for manipulating images used by Python applications. For Debian 10 buster, this problem has been fixed in version 5.4.1-2+deb10u4. We recommend that you upgrade your pillow packages. For the detailed security status of pillow please refer to its security tracker page at: https://security-tracker.debian.org/tracker/pillow Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmW3+TgACgkQHpU+J9Qx Hljd2w/6A7lriJhn8PNke6KCJKkR7RQ5z+XBxzEnLuK3PakKRfx8Tb0hIksJpUth OvgdwoKcnyrxbzclE06NpL1LXZxzUESzNoYIeHXn+GZLfDoQMWdOwYeQpKDQb3bh 8M79H4mPXE2ECbvjbXAOFrfqm7soPUJMyzHsH8Bq7voNGEKKqTr7b+2/hLAKVKKO sX07bcJjJkA6lZHAarO5bszZTm3Y8xRpFMKLnQGjpfU2C94Ur7w7kfrvofue3CxI GIzR8VqkN0H36tEcEm/d1It6kh+WCxPeZo2vfAJvQ7tVXMnnxNR4YPxX4OU/Tj8o UlF/S44oL9flMJFQzb2y1RQ8vcKAp/uh2B1Gx+aTtcCbiT9bvq1/I6MZJpBSYA24 CSUt5zZ1o/JqcD8RIEUnvZuv4hi1rkZ3XEypFrmpPenbM9G7tKKal/VmvY0Q1eSW zUntsVEAWbK/wJSxOghkv7UqIjwL9UjvqVTIWR3m10zhigD2g9Hw6fY1vGPBOHT9 +/07Ltdx0Zt+VfGWC/MGcZ+Twwqex8PZDoN3PpazZ0UeBC6pN4r1HIBu1nknJrmA /lsKY0v5xAFJ/iLMmRfULVX9cPcKvDZBhGYPATlV7aAs/opBk4LIFoXR1Z/fW+/P uaNu+PJRoCz+p9mir2P4dS2ytqIoAlASUGcL7Uul4jw4EOYuzeQ= =Ayfk -----END PGP SIGNATURE-----