[ALSA-2026:39127] Important: python-pillow security update
Type:
security
Severity:
important
Release date:
2026-07-14
Description:
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python-pillow: Pillow: Denial of Service via crafted BDF font file (CVE-2026-55379) * python-pillow: Pillow: Denial of Service via crafted GD 2.x image file (CVE-2026-55380) * python-pillow: Pillow: Denial of Service via crafted PCF font data (CVE-2026-54059) * python-pillow: Pillow: Denial of Service via excessive memory allocation when processing font files (CVE-2026-54060) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 python3-pillow-5.1.1-22.el8_10.aarch64.rpm 59fc4adb020e28c962afed25b555a1603ae29bfc1c7bd6f393e1c8d0ef4df90b
aarch64 python3-pillow-tk-5.1.1-22.el8_10.aarch64.rpm 93ef8c3e9a25abf08c691ed693d7e323852fc8487dfbcaa1ce642a34764506c7
aarch64 python3-pillow-devel-5.1.1-22.el8_10.aarch64.rpm c2ade595e96fe09d4ade60077fb1b096830131c8f70b7662e787af25298cd15b
i686 python3-pillow-devel-5.1.1-22.el8_10.i686.rpm 47d7d1a9f97a2a767db40bb642938ce78462f23e0d9a1042bcc87b5b2f1bf255
i686 python3-pillow-5.1.1-22.el8_10.i686.rpm 7a75c4b60e46f9eb21a38f6224a08adc44fec13a0b2f10f41e24a28abaa40e86
noarch python3-pillow-doc-5.1.1-22.el8_10.noarch.rpm 87bbb6a86c9429119b9e97656266fadebf01f6f4f717159dc0e9ca6263a525bc
ppc64le python3-pillow-tk-5.1.1-22.el8_10.ppc64le.rpm 48a0056480f16d2515604a15983a0e44e2b1b520c823cddb54f582be34e72cfa
ppc64le python3-pillow-5.1.1-22.el8_10.ppc64le.rpm ceabc331b0d054f05417da9539f3ddea172ef72658f1428d582c60e265183651
ppc64le python3-pillow-devel-5.1.1-22.el8_10.ppc64le.rpm d02e01d2070c811fa25aff42bd33f3f784dc92cd2818c968c27e91d720aacbea
s390x python3-pillow-tk-5.1.1-22.el8_10.s390x.rpm 2f6e48df1530a729da97573b713346ebc8c913baa02ef94bb17123aa1104d4c9
s390x python3-pillow-devel-5.1.1-22.el8_10.s390x.rpm d30a9417ba96cd2a745dca23c035398df7b7f4bd493f5209cbb833502b63cf48
s390x python3-pillow-5.1.1-22.el8_10.s390x.rpm d7a32e7efa760741c2a98b7dc59f6126bb0937d66787f54b55de39cded55556b
x86_64 python3-pillow-5.1.1-22.el8_10.x86_64.rpm 6e181d4bde9177a6c24fa52c954e558d8cbb94454da69545bf2d29e120c52e73
x86_64 python3-pillow-devel-5.1.1-22.el8_10.x86_64.rpm aa69c06642d496a1ceca14d6128847451d45d033fd96bda3cf491bac4ac93975
x86_64 python3-pillow-tk-5.1.1-22.el8_10.x86_64.rpm f9479ed39d2d3cebcfeb6c40caf9223eeb51b299a996a7370af10bebdb4a2584
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.