-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6357-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 21, 2026 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : pillow CVE ID : CVE-2026-42308 CVE-2026-42310 CVE-2026-42311 Multiple security vulnerabilities have been discovered in Pillow, a Python imaging library, which could result in denial of service or the execution of arbitrary code if malformed files are processed. For the stable distribution (trixie), these problems have been fixed in version 11.1.0-5+deb13u3. We recommend that you upgrade your pillow packages. For the detailed security status of pillow please refer to its security tracker page at: https://security-tracker.debian.org/tracker/pillow Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected] -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmo4FLAACgkQEMKTtsN8 TjZ7Jw/9Eu/VnLgQZHbHHSLNo+KvxbrM8+TjrkxQLTpUGakpIkdvJ5B5KuAO+oZS Zk9kwxe/jHBqOqnTSbzvHavY84jibWhKrY1/VzBwuYafvKEE+rBmwoqyRSNI16Fc 3ayFY2tdkY/LQDVclqvzI3uR68Wi8EWY8hx+hrIqVjXHBvKYl8wlLZxrkCUXhTI5 EeYUgUJBVrzLq3eqZwwLjjNGThnNr8FiXlYVmeyca8Ed/cacmkbJX0/3XMv69/fi kPBeZhV0T+dF13eqNhXbssdI65eqcTpAX4EdzyUMohh7MHp7eOYE7rinM1c1hkRT gPZWsPJbvFcQ3ZiTj6wSy+/B7hCWaV3FOBUFOnJpK+M86Gmx3iFBcY88FHPATEew MWHI9GLd8DEXxUiCwXrjRkOiO0pruaO9yy4lLqVPEzJ61bVLIE+O5SWvl3btir2/ KCCz3Gv44f7P1RQ9jlxbkfnpdE72+dQodAlaY6CC9mmrcHRG4yV+QKiu+V9ZxbBL E5DPzF/8Zew2aQKWAUDNY1cLDwjsIyTOWRAVgYTLXv/MGl9MAwKF2bs7szpRGkYA gLVcWd+oxyX9oISLdQwtCI9HW6FXE4WEkVeTXuaZjXME1RH48Y4THfQQ9bNyx0yJ dNHa1PSIshnZHZkBfJu3UNM/GAwFDVOs6KTskef9kG74Xl1ed/g= =Owdt -----END PGP SIGNATURE-----

