https://bugzilla.redhat.com/show_bug.cgi?id=2042527
Bug ID: 2042527
Summary: CVE-2022-22817 python-pillow: PIL.ImageMath.eval
allows evaluation of arbitrary expressions
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: high
Priority: high
Assignee: security-response-team(a)redhat.com
Reporter: gsuckevi(a)redhat.com
CC: bdettelb(a)redhat.com, cstratak(a)redhat.com,
epel-packagers-sig(a)lists.fedoraproject.org,
infra-sig(a)lists.fedoraproject.org,
manisandro(a)gmail.com, miminar(a)redhat.com,
orion(a)nwra.com, python-maint(a)redhat.com,
python-sig(a)lists.fedoraproject.org, torsava(a)redhat.com
Target Milestone: ---
Classification: Other
PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary
expressions, such as ones that use the Python exec method.
Reference:
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#restrict-bu…
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2042527
https://bugzilla.redhat.com/show_bug.cgi?id=2042522
Bug ID: 2042522
Summary: CVE-2022-22816 python-pillow: buffer over-read during
initialization of ImagePath.Path in path_getbbox() in
path.c
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: high
Priority: high
Assignee: security-response-team(a)redhat.com
Reporter: gsuckevi(a)redhat.com
CC: bdettelb(a)redhat.com, cstratak(a)redhat.com,
epel-packagers-sig(a)lists.fedoraproject.org,
infra-sig(a)lists.fedoraproject.org,
manisandro(a)gmail.com, miminar(a)redhat.com,
orion(a)nwra.com, python-maint(a)redhat.com,
python-sig(a)lists.fedoraproject.org, torsava(a)redhat.com
Target Milestone: ---
Classification: Other
path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during
initialization of ImagePath.Path.
References:
https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1da…
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-image…
https://bugzilla.redhat.com/show_bug.cgi?id=2042511
Bug ID: 2042511
Summary: CVE-2022-22815 python-pillow: improperly initializes
ImagePath.Path in path_getbbox() in path.c
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: gsuckevi(a)redhat.com
CC: bdettelb(a)redhat.com, cstratak(a)redhat.com,
epel-packagers-sig(a)lists.fedoraproject.org,
infra-sig(a)lists.fedoraproject.org,
manisandro(a)gmail.com, miminar(a)redhat.com,
orion(a)nwra.com, python-maint(a)redhat.com,
python-sig(a)lists.fedoraproject.org, torsava(a)redhat.com
Target Milestone: ---
Classification: Other
path_getbbox in path.c in Pillow before 9.0.0 improperly initializes
ImagePath.Path.
References:
https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1da…
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-image…
https://bugzilla.redhat.com/show_bug.cgi?id=2263017
Bug ID: 2263017
Summary: python-aiosmtpd fails to build with Python 3.13:
aiosmtpd/tests/test_server.py::TestUnthreaded::test_unixsocket
AssertionError: assert Path(controller.unix_socket).exists()
Product: Fedora
Version: rawhide
Status: NEW
Component: python-aiosmtpd
Assignee: aurelien(a)bompard.org
Reporter: ksurma(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: aurelien(a)bompard.org,
epel-packagers-sig(a)lists.fedoraproject.org,
ksurma(a)redhat.com, mhroncok(a)redhat.com,
michel(a)michel-slm.name, psimovec(a)redhat.com
Blocks: 2244836 (PYTHON3.13)
Target Milestone: ---
Classification: Fedora
python-aiosmtpd fails to build with Python 3.13.0a3.
=================================== FAILURES ===================================
________________________ TestUnthreaded.test_unixsocket ________________________
self = <aiosmtpd.tests.test_server.TestUnthreaded object at 0x7f9b025449b0>
safe_socket_dir = PosixPath('/tmp/tmpmdp0502n')
autostop_loop = <_UnixSelectorEventLoop running=False closed=False debug=False>
runner = <function TestUnthreaded.runner.<locals>.starter at 0x7f9b026cdb20>
    @pytest.mark.skipif(in_cygwin(), reason="Cygwin AF_UNIX is problematic")
    @pytest.mark.skipif(in_win32(), reason="Win32 does not yet fully implement AF_UNIX")
    def test_unixsocket(self, safe_socket_dir, autostop_loop, runner):
        sockfile = safe_socket_dir / "smtp"
        cont = UnixSocketUnthreadedController(
            Sink(), unix_socket=sockfile, loop=autostop_loop
        )
        cont.begin()
        # Make sure event loop is not running (will be started in thread)
        assert autostop_loop.is_running() is False
        runner(autostop_loop)
        # Make sure event loop is up and running (started within thread)
        assert autostop_loop.is_running() is True
        # Check we can connect
        assert_smtp_socket(cont)
        # Wait until thread ends, which it will be when the loop autostops
        runner.join(timeout=AUTOSTOP_DELAY)
        assert runner.is_alive() is False
        catchup_delay()
        assert autostop_loop.is_running() is False
        # At this point, the loop _has_ stopped, but the task is still listening
        assert assert_smtp_socket(cont) is False
        # Stop the task
        cont.end()
        catchup_delay()
        # Now the listener has gone away
        # noinspection PyTypeChecker
        with pytest.raises((socket.timeout, ConnectionError)):
>           assert_smtp_socket(cont)
aiosmtpd/tests/test_server.py:452:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
controller = <aiosmtpd.controller.UnixSocketUnthreadedController object at 0x7f9b02776db0>
    def assert_smtp_socket(controller: UnixSocketMixin) -> bool:
>       assert Path(controller.unix_socket).exists()
E       AssertionError: assert False
E       + where False = <bound method PathBase.exists of PosixPath('/tmp/tmpmdp0502n/smtp')>()
E       + where <bound method PathBase.exists of PosixPath('/tmp/tmpmdp0502n/smtp')> = PosixPath('/tmp/tmpmdp0502n/smtp').exists
E       + where PosixPath('/tmp/tmpmdp0502n/smtp') = Path('/tmp/tmpmdp0502n/smtp')
E       + where '/tmp/tmpmdp0502n/smtp' = <aiosmtpd.controller.UnixSocketUnthreadedController object at 0x7f9b02776db0>.unix_socket
aiosmtpd/tests/test_server.py:103: AssertionError
------------------------------ Captured log call -------------------------------
INFO mail.log:smtp.py:407 Available AUTH mechanisms: LOGIN(builtin) PLAIN(builtin)
INFO mail.log:smtp.py:519 Peer: ''
INFO mail.log:smtp.py:601 '' handling connection
DEBUG mail.log:smtp.py:587 '' << b'220 localhost.localdomain Python SMTP 1.4.4.post2'
DEBUG mail.log:smtp.py:286 _handle_client readline: b'EHLO socket.test\r\n'
INFO mail.log:smtp.py:286 '' >> b'EHLO socket.test'
DEBUG mail.log:smtp.py:587 '' << b'250-localhost.localdomain'
DEBUG mail.log:smtp.py:587 '' << b'250-SIZE 33554432'
DEBUG mail.log:smtp.py:587 '' << b'250-8BITMIME'
DEBUG mail.log:smtp.py:587 '' << b'250-SMTPUTF8'
DEBUG mail.log:smtp.py:587 '' << b'250 HELP'
DEBUG mail.log:smtp.py:286 _handle_client readline: b'QUIT\r\n'
INFO mail.log:smtp.py:286 '' >> b'QUIT'
DEBUG mail.log:smtp.py:587 '' << b'221 Bye'
INFO mail.log:smtp.py:525 '' connection lost
INFO mail.log:smtp.py:746 '' Connection lost during _handle_client()
=========================== short test summary info ============================
FAILED aiosmtpd/tests/test_server.py::TestUnthreaded::test_unixsocket - Asser...
====== 1 failed, 559 passed, 1 skipped, 4 deselected in 80.33s (0:01:20) =======
https://docs.python.org/3.13/whatsnew/3.13.html
For the build logs, see:
https://copr-be.cloud.fedoraproject.org/results/@python/python3.13/fedora-r…
For all our attempts to build python-aiosmtpd with Python 3.13, see:
https://copr.fedorainfracloud.org/coprs/g/python/python3.13/package/python-…
Testing and mass rebuild of packages is happening in copr.
You can follow these instructions to test locally in mock if your package
builds with Python 3.13:
https://copr.fedorainfracloud.org/coprs/g/python/python3.13/
Let us know here if you have any questions.
Python 3.13 is planned to be included in Fedora 41.
To make that update smoother, we're building Fedora packages with all
pre-releases of Python 3.13.
A build failure prevents us from testing all dependent packages (transitive
[Build]Requires),
so if this package is required a lot, it's important for us to get it fixed
soon.
We'd appreciate help from the people who know this package best,
but if you don't want to work on this now, let us know so we can try to work
around it on our side.
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=2244836
[Bug 2244836] Python 3.13
https://bugzilla.redhat.com/show_bug.cgi?id=2259429
Bug ID: 2259429
Summary: ImageMagick-7.1.1.27 is available
Product: Fedora
Version: rawhide
Status: NEW
Component: ImageMagick
Keywords: FutureFeature, Triaged
Assignee: luya_tfz(a)thefinalzone.net
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: blaise(a)gmail.com, davide(a)cavalca.name,
epel-packagers-sig(a)lists.fedoraproject.org,
fedora(a)famillecollet.com, luya_tfz(a)thefinalzone.net,
michel(a)michel-slm.name, ngompa13(a)gmail.com,
pampelmuse(a)gmx.at, sergio(a)serjux.com
Target Milestone: ---
Classification: Fedora
Releases retrieved: 7.1.1.27
Upstream release that is considered latest: 7.1.1.27
Current version/release in rawhide: 7.1.1.26-2.fc40
URL: https://imagemagick.org
Please consult the package updates policy before you issue an update to a
stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/
More information about the service that created this bug can be found at:
https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M…
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from Anitya:
https://release-monitoring.org/project/328484/
To change the monitoring settings for the project, please visit:
https://src.fedoraproject.org/rpms/ImageMagick
https://bugzilla.redhat.com/show_bug.cgi?id=2257174
Bug ID: 2257174
Summary: [abrt] ImageMagick: MagickSignalHandler(): magick
killed by SIGABRT
Product: Fedora
Version: 39
Hardware: x86_64
Status: NEW
Whiteboard: abrt_hash:0a864e212ae4ae543dd71f08c5da1dd8d2a9c516;VARIANT_ID=workstation;
Component: ImageMagick
Assignee: luya_tfz(a)thefinalzone.net
Reporter: bugzilla-redhat-3187(a)system.rocks
QA Contact: extras-qa(a)fedoraproject.org
CC: blaise(a)gmail.com, davide(a)cavalca.name,
epel-packagers-sig(a)lists.fedoraproject.org,
fedora(a)famillecollet.com, luya_tfz(a)thefinalzone.net,
michel(a)michel-slm.name, ngompa13(a)gmail.com,
pampelmuse(a)gmx.at, sergio(a)serjux.com
Target Milestone: ---
Classification: Fedora
Description of problem:
I ran magick with accidentally too high values, something like this:
magick -size 3948x2360 xc: -fill grey -draw 'rectangle 1897,0 2053,2360' 2024-01-07-cover-front-back.jpg
...but "-size 39480x23600" or something.
When it was not responding as fast as usual, I recognized my mistake and hit
Ctrl-C.
Version-Release number of selected component:
ImageMagick-1:7.1.1.15-1.fc39
Additional info:
reporter: libreport-2.17.11
type: CCpp
reason: magick killed by SIGABRT
journald_cursor:
s=b509117350f74fc29406aa8c320f1524;i=4a041;b=ce41b9a6e5ed4af2968da1a9367204cd;m=33a8a8db21;t=60e5788cfe244;x=a96619735aa10b0c
executable: /usr/bin/magick
cmdline: magick -size 33686x21600 xc: -fill white -stroke black -draw $'rectangle 16363,0 17323,21599' 2024-01-07-cover-front-back.jpg
cgroup:
0::/user.slice/user-1000.slice/user@1000.service/app.slice/app-org.gnome.Terminal.slice/vte-spawn-81d6f102-e4b4-4930-a7cb-2752f663b3e1.scope
rootdir: /
uid: 1000
kernel: 6.6.8-200.fc39.x86_64
package: ImageMagick-1:7.1.1.15-1.fc39
runlevel: N 5
backtrace_rating: 4
crash_function: MagickSignalHandler
Truncated backtrace:
Thread no. 1 (14 frames)
#10 MagickSignalHandler at MagickCore/magick.c:1412
#12 SetPixelViaPixelInfo at ./MagickCore/quantum.h:89
#13 ReadXCImage at coders/xc.c:153
#14 ReadImage at MagickCore/constitute.c:736
#15 ReadImages at MagickCore/constitute.c:1086
#16 CLINoImageOperator at MagickWand/operation.c:4950
#17 CLIOption at MagickWand/operation.c:5462
#18 ProcessCommandOptions at MagickWand/magick-cli.c:653
#19 MagickImageCommand at MagickWand/magick-cli.c:1025
#20 MagickCommandGenesis at MagickWand/magick-cli.c:177
#21 MagickMain at utilities/magick.c:151
#22 __libc_start_call_main at ../sysdeps/nptl/libc_start_call_main.h:58
#23 __libc_start_main_impl at ../csu/libc-start.c:360
#24 _start
https://bugzilla.redhat.com/show_bug.cgi?id=2272537
Bug ID: 2272537
Summary: [abrt] cinnamon:
g_type_check_instance_is_fundamentally_a(): cinnamon
killed by SIGSEGV
Product: Fedora
Version: 39
Hardware: x86_64
Status: NEW
Whiteboard: abrt_hash:6c263b498a3d4c26e1928969a4e9de9e0329e4e7;VARIANT_ID=cinnamon;
Component: cinnamon
Assignee: leigh123linux(a)googlemail.com
Reporter: fabiojlbc1982(a)gmail.com
QA Contact: extras-qa(a)fedoraproject.org
CC: epel-packagers-sig(a)lists.fedoraproject.org,
leigh123linux(a)googlemail.com, miketwebster(a)gmail.com,
riehecky(a)fnal.gov
Target Milestone: ---
Classification: Fedora
Version-Release number of selected component:
cinnamon-6.0.4-5.fc39
Additional info:
reporter: libreport-2.17.11
type: CCpp
reason: cinnamon killed by SIGSEGV
journald_cursor:
s=1e245aff504d4b34a4fd82b2ec8a3314;i=3307;b=3dc5f41207ab483dae627f11424b52e5;m=13e249d9;t=6150e2cd51e7b;x=e38b2a60bcdc3ccd
executable: /usr/bin/cinnamon
cmdline: /usr/bin/cinnamon --replace
cgroup: 0::/user.slice/user-1000.slice/session-2.scope
rootdir: /
uid: 1000
kernel: 6.7.10-200.fc39.x86_64
package: cinnamon-6.0.4-5.fc39
runlevel: N 5
backtrace_rating: 4
crash_function: g_type_check_instance_is_fundamentally_a
Truncated backtrace:
Thread no. 1 (19 frames)
#0 g_type_check_instance_is_fundamentally_a at ../gobject/gtype.c:4184
#2 cinnamon_app_state_transition at ../src/cinnamon-app.c:931
#3 _cinnamon_app_remove_window at ../src/cinnamon-app.c:995
#6 signal_emit_unlocked_R.isra.0 at ../gobject/gsignal.c:3980
#7 signal_emit_valist_unlocked at ../gobject/gsignal.c:3612
#10 meta_window_unmanage at ../src/core/window.c:1679
#11 meta_wayland_shell_surface_destroy_window at ../src/wayland/meta-wayland-shell-surface.c:368
#12 xdg_toplevel_destructor.lto_priv at ../src/wayland/meta-wayland-xdg-shell.c:194
#13 destroy_resource at ../src/wayland-server.c:732
#14 wl_resource_destroy at ../src/wayland-server.c:749
#15 ffi_call_unix64 at ../src/x86/unix64.S:104
#16 ffi_call_int at ../src/x86/ffi64.c:673
#17 ffi_call at ../src/x86/ffi64.c:710
#18 wl_closure_invoke at ../src/connection.c:1025
#19 wl_client_connection_data at ../src/wayland-server.c:438
#20 wl_event_loop_dispatch at ../src/event-loop.c:1027
#21 wayland_event_source_dispatch at ../src/wayland/meta-wayland.c:94
#23 g_main_context_dispatch_unlocked at ../glib/gmain.c:4284
#24 g_main_context_iterate_unlocked.isra.0 at ../glib/gmain.c:4349
Potential duplicate: bug 2235025