Pillow 9.1.1 has been released on May 17, fixing a security issue: https://github.com/python-pillow/Pillow/releases/tag/9.1.1
Status comment: (none) => Fixed upstream in 9.1.1Assignee: bugsquad => python
Ubuntu has issued an advisory on December 13: https://ubuntu.com/security/notices/USN-5777-1 It fixes a new issue that is fixed upstream in 9.2.0.
Summary: python-pillow new security issue CVE-2022-30595 => python-pillow new security issues CVE-2022-30595 and CVE-2022-45198Status comment: Fixed upstream in 9.1.1 => Fixed upstream in 9.2.0
Update python-pillow to 9.2.0 python3-pillow-qt-9.2.0-1.mga8 python3-pillow-tk-9.2.0-1.mga8 python3-pillow-devel-9.2.0-1.mga8 python3-pillow-9.2.0-1.mga8 The build of the documentation is disabled. Source: python-pillow-9.2.0-1.mga8
Status comment: Fixed upstream in 9.2.0 => (none)Assignee: python => qa-bugsCC: (none) => yves.brungard_mageia
urpmq --whatrequires python3-pillow PySolFC calibre cinnamon deluge eduvpn-client img2pdf kitty kodi lutris mate-dock-applet mythtv-plugin-archive nml ocrfeeder openshot-qt pagure paperwork python3-bokeh python3-cairosvg python3-cairosvg python3-cairosvg python3-cloudmap python3-django-easy-thumbnails python3-django-simple-captcha python3-eyed3 python3-fabulous python3-imageio python3-matplotlib python3-pikepdf python3-pillow python3-pyinsane python3-pyocr python3-pypillowfight python3-pystray python3-qrcode python3-reportlab python3-scikit-image python3-wxpython4 weboob
mga8, x64 Before updating checked that Calibre was working. Installed paperwork. paperwork involves scanning documents and OCR so too complicate to test just now. Updated the packages and ran calibre under strace. Imported a PDF from local docs/books directory. Converted the document to epub 2 format. Selected an existing book from the Title menu and perused it. The trace did not mention pillow so it is simply a coding resource. Opened paperwork and looked at the internal documentation. pagure seems to be a website. nml appears to be related to nmlc, "NMLC — A compiler from NML code to NFO and/or GRF files" Played with OpenShot - imported a video and played it, added markers - working OK as far as I could tell. im2pdf works fine. $ img2pdf test.jpf > test.pdf Generates a single page PDF document containing a high resolution copy of the image. This should be enough.
CC: (none) => tarazed25Whiteboard: (none) => MGA8-64-OK
Validating.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => advisoryCC: (none) => davidwhodgins
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2023-0164.html
Status: NEW => RESOLVEDResolution: (none) => FIXED