https://bugzilla.redhat.com/show_bug.cgi?id=2052682
Bug ID: 2052682
Summary: CVE-2022-24303 python-pillow: temporary directory with
a space character allows removal of unrelated file
after im.show() and related action
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: gsuckevi(a)redhat.com
CC: bdettelb(a)redhat.com, cstratak(a)redhat.com,
epel-packagers-sig(a)lists.fedoraproject.org,
infra-sig(a)lists.fedoraproject.org,
manisandro(a)gmail.com, miminar(a)redhat.com,
orion(a)nwra.com, python-maint(a)redhat.com,
python-sig(a)lists.fedoraproject.org, torsava(a)redhat.com
Target Milestone: ---
Classification: Other
If the path to the temporary directory on Linux or macOS contained a space,
this would break removal of the temporary image file after im.show() (and
related actions), and potentially remove an unrelated file. This been present
since PIL.
Reference:
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2052682
https://bugzilla.redhat.com/show_bug.cgi?id=2087609
Bug ID: 2087609
Summary: CVE-2022-30595 python-pillow: heap buffer overflow in
crafted TGA file
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: saroy(a)redhat.com
CC: epel-packagers-sig(a)lists.fedoraproject.org,
infra-sig(a)lists.fedoraproject.org,
manisandro(a)gmail.com, miminar(a)redhat.com,
python-sig(a)lists.fedoraproject.org
Target Milestone: ---
Classification: Other
"CVE-2022-30595: When reading a TGA file with RLE packets that cross scan
lines, Pillow reads the information past the end of the first line without
deducting that from the length of the remaining file data. This vulnerability
was introduced in Pillow 9.1.0, and can cause a heap buffer overflow."
Introduced in 9.1.0, so only unstable is affected. Please bump to 9.1.1.
https://bugs.gentoo.org/845192
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2087609
https://bugzilla.redhat.com/show_bug.cgi?id=2092110
Bug ID: 2092110
Summary: ImageMagick-6.9.12-51 is available
Product: Fedora
Version: rawhide
Status: NEW
Component: ImageMagick
Keywords: FutureFeature, Triaged
Assignee: luya_tfz(a)thefinalzone.net
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: blaise(a)gmail.com, dcavalca(a)fb.com,
epel-packagers-sig(a)lists.fedoraproject.org,
fedora(a)famillecollet.com, luya_tfz(a)thefinalzone.net,
michel(a)michel-slm.name, ngompa13(a)gmail.com,
pampelmuse(a)gmx.at, sergio(a)serjux.com,
troy(a)troycurtisjr.com
Target Milestone: ---
Classification: Fedora
Latest upstream release: 6.9.12-51
Current version/release in rawhide: 6.9.12.50-1.fc37
URL: https://legacy.imagemagick.org
Please consult the package updates policy before you issue an update to a
stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from Anitya:
https://release-monitoring.org/project/16253/
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2092110
https://bugzilla.redhat.com/show_bug.cgi?id=2068421
Bug ID: 2068421
Summary: python-executing fails to build with Python 3.11:
InvocationError:
self.get_executing(inspect.currentframe().f_back)
Product: Fedora
Version: rawhide
Status: NEW
Component: python-executing
Assignee: rominf(a)aiven.io
Reporter: thrnciar(a)redhat.com
CC: epel-packagers-sig(a)lists.fedoraproject.org,
lbalhar(a)redhat.com, mhroncok(a)redhat.com,
paul.wouters(a)aiven.io, rominf(a)aiven.io,
thrnciar(a)redhat.com
Blocks: 2016048 (PYTHON3.11)
Target Milestone: ---
Link ID: Github alexmojaki/executing/pull/31
Classification: Fedora
python-executing fails to build with Python 3.11.0a6.
+ /usr/bin/python3 -m tox --current-env -q --recreate -e py311
Traceback (most recent call last):
File
"/builddir/build/BUILDROOT/python-executing-0.8.2-2.fc37.x86_64/usr/lib/python3.11/site-packages/executing/executing.py",
line 317, in executing
args = executing_cache[key]
~~~~~~~~~~~~~~~^^^^^
KeyError: (<code object <module> at 0x7fb5361790d0, file
"/builddir/build/BUILD/executing-0.8.2/tests/test_main.py", line 1>,
140416273322192, 552)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/builddir/build/BUILD/executing-0.8.2/tests/test_main.py", line 682, in
<module>
assert tester([1, 2, 3]) == [1, 2, 3]
^^^^^^^^^^^^^^^^^
File "/builddir/build/BUILD/executing-0.8.2/tests/utils.py", line 40, in
__call__
ex = self.get_executing(inspect.currentframe().f_back)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/builddir/build/BUILD/executing-0.8.2/tests/utils.py", line 28, in
get_executing
return Source.executing(frame)
^^^^^^^^^^^^^^^^^^^^^^^
File
"/builddir/build/BUILDROOT/python-executing-0.8.2-2.fc37.x86_64/usr/lib/python3.11/site-packages/executing/executing.py",
line 372, in executing
args = find(source=cls.for_frame(frame), retry_cache=True)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File
"/builddir/build/BUILDROOT/python-executing-0.8.2-2.fc37.x86_64/usr/lib/python3.11/site-packages/executing/executing.py",
line 349, in find
node_finder = NodeFinder(frame, stmts, tree, lasti)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File
"/builddir/build/BUILDROOT/python-executing-0.8.2-2.fc37.x86_64/usr/lib/python3.11/site-packages/executing/executing.py",
line 626, in __init__
raise RuntimeError(op_name)
^^^^^^^^^^^^^^^^^^^^^^^^^^^
RuntimeError: CALL
ERROR: InvocationError for command
/builddir/build/BUILD/executing-0.8.2/.tox/py311/bin/python tests/test_main.py
(exited with code 1)
___________________________________ summary
____________________________________
ERROR: py311: commands failed
error: Bad exit status from /var/tmp/rpm-tmp.m2JoFZ (%check)
Bad exit status from /var/tmp/rpm-tmp.m2JoFZ (%check)
Upstream has WIP PR for Python 3.11 suport.
The PyFrameObject structure member has been moved to the internal C API
headers.
While the documentation notes that the PyFrameObject fields are subject to
change at any time, they have been stable for a long time and were used in
several popular extensions.
In Python 3.11, the frame struct was reorganized to allow performance
optimizations. Some fields were removed entirely, as they were details of the
old implementation.
PyFrameObject fields:
f_back: use PyFrame_GetBack().
f_blockstack: removed.
f_builtins: use PyObject_GetAttrString((PyObject*)frame, "f_builtins").
f_code: use PyFrame_GetCode().
f_gen: removed.
f_globals: use PyObject_GetAttrString((PyObject*)frame, "f_globals").
f_iblock: removed.
f_lasti: use PyObject_GetAttrString((PyObject*)frame, "f_lasti"). Code
using f_lasti with PyCode_Addr2Line() must use PyFrame_GetLineNumber() instead.
f_lineno: use PyFrame_GetLineNumber()
f_locals: use PyObject_GetAttrString((PyObject*)frame, "f_locals").
f_stackdepth: removed.
f_state: no public API (renamed to f_frame.f_state).
f_trace: no public API.
f_trace_lines: use PyObject_GetAttrString((PyObject*)frame,
"f_trace_lines") (it also be modified).
f_trace_opcodes: use PyObject_GetAttrString((PyObject*)frame,
"f_trace_opcodes") (it also be modified).
f_localsplus: no public API (renamed to f_frame.localsplus).
f_valuestack: removed.
The Python frame object is now created lazily. A side effect is that the f_back
member must not be accessed directly, since its value is now also computed
lazily. The PyFrame_GetBack() function must be called instead.
https://docs.python.org/3.11/whatsnew/3.11.html
For the build logs, see:
https://copr-be.cloud.fedoraproject.org/results/@python/python3.11/fedora-r…
For all our attempts to build python-executing with Python 3.11, see:
https://copr.fedorainfracloud.org/coprs/g/python/python3.11/package/python-…
Testing and mass rebuild of packages is happening in copr. You can follow these
instructions to test locally in mock if your package builds with Python 3.11:
https://copr.fedorainfracloud.org/coprs/g/python/python3.11/
Let us know here if you have any questions.
Python 3.11 is planned to be included in Fedora 37. To make that update
smoother, we're building Fedora packages with all pre-releases of Python 3.11.
A build failure prevents us from testing all dependent packages (transitive
[Build]Requires), so if this package is required a lot, it's important for us
to get it fixed soon.
We'd appreciate help from the people who know this package best, but if you
don't want to work on this now, let us know so we can try to work around it on
our side.
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=2016048
[Bug 2016048] Python 3.11
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2068421
https://bugzilla.redhat.com/show_bug.cgi?id=2091812
Bug ID: 2091812
Summary: ImageMagick: outside the range of representable values
of type 'unsigned long' at coders/pcl.c
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: trathi(a)redhat.com
CC: blaise(a)gmail.com, dcavalca(a)fb.com,
epel-packagers-sig(a)lists.fedoraproject.org,
fedora(a)famillecollet.com, luya_tfz(a)thefinalzone.net,
michel(a)michel-slm.name, ngompa13(a)gmail.com,
pampelmuse(a)gmx.at, sergio(a)serjux.com,
troy(a)troycurtisjr.com
Target Milestone: ---
Classification: Other
In ImageMagick version < 7.1.0-29, there is an outside the range of
representable values of type 'unsigned long' at coders/pcl.c.
References:
https://github.com/ImageMagick/ImageMagick/issues/4985https://github.com/ImageMagick/ImageMagick/pull/4986
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2091812
https://bugzilla.redhat.com/show_bug.cgi?id=2091811
Bug ID: 2091811
Summary: ImageMagick: outside the range of representable values
of type 'unsigned char' at coders/psd.c
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: trathi(a)redhat.com
CC: blaise(a)gmail.com, dcavalca(a)fb.com,
epel-packagers-sig(a)lists.fedoraproject.org,
fedora(a)famillecollet.com, luya_tfz(a)thefinalzone.net,
michel(a)michel-slm.name, ngompa13(a)gmail.com,
pampelmuse(a)gmx.at, sergio(a)serjux.com,
troy(a)troycurtisjr.com
Target Milestone: ---
Classification: Other
In ImageMagick version < 7.1.0-28, there is an outside the range of
representable values of type 'unsigned char' at coders/psd.c.
References:
https://github.com/ImageMagick/ImageMagick/issues/4962https://github.com/ImageMagick/ImageMagick/pull/4963
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2091811
https://bugzilla.redhat.com/show_bug.cgi?id=2091813
Bug ID: 2091813
Summary: ImageMagick: load of misaligned address at
MagickCore/property.c
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: trathi(a)redhat.com
CC: blaise(a)gmail.com, dcavalca(a)fb.com,
epel-packagers-sig(a)lists.fedoraproject.org,
fedora(a)famillecollet.com, luya_tfz(a)thefinalzone.net,
michel(a)michel-slm.name, ngompa13(a)gmail.com,
pampelmuse(a)gmx.at, sergio(a)serjux.com,
troy(a)troycurtisjr.com
Target Milestone: ---
Classification: Other
In ImageMagick version < 7.1.0-30, there are runtime errors:
* load of misaligned address 0x62300000714d for type 'double', which requires 8
byte alignment
* load of misaligned address 0x62300000710b for type 'float', which requires 4
byte alignment
References:
https://github.com/ImageMagick/ImageMagick/issues/5033https://github.com/ImageMagick/ImageMagick/pull/5034
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2091813
https://bugzilla.redhat.com/show_bug.cgi?id=2089474
Bug ID: 2089474
Summary: CVE-2022-1473 openssl3: openssl: OPENSSL_LH_flush()
breaks reuse of memory [epel-8]
Product: Fedora EPEL
Version: epel8
Status: NEW
Component: openssl3
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Assignee: michel(a)michel-slm.name
Reporter: tcullum(a)redhat.com
CC: epel-packagers-sig(a)lists.fedoraproject.org,
michel(a)michel-slm.name
Target Milestone: ---
Classification: Fedora
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-8.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2089474
https://bugzilla.redhat.com/show_bug.cgi?id=2080868
Bug ID: 2080868
Summary: python-typing-extensions fails to build with Python
3.11: AttributeError: <module 'typing' from
'/usr/lib64/python3.11/typing.py'> does not have the
attribute '_overload_registry'
Product: Fedora
Version: rawhide
Status: NEW
Component: python-typing-extensions
Assignee: hegjon(a)gmail.com
Reporter: thrnciar(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: epel-packagers-sig(a)lists.fedoraproject.org,
hegjon(a)gmail.com, mail(a)fabian-affolter.ch,
mhroncok(a)redhat.com, michel(a)michel-slm.name,
thrnciar(a)redhat.com
Blocks: 2016048 (PYTHON3.11)
Target Milestone: ---
Classification: Fedora
python-typing-extensions fails to build with Python 3.11.0a7.
=================================== FAILURES
===================================
_____________________ OverloadTests.test_overload_registry
_____________________
/usr/lib64/python3.11/unittest/mock.py:1356: in patched
with self.decoration_helper(patched,
/usr/lib64/python3.11/contextlib.py:137: in __enter__
return next(self.gen)
/usr/lib64/python3.11/unittest/mock.py:1338: in decoration_helper
arg = exit_stack.enter_context(patching)
/usr/lib64/python3.11/contextlib.py:499: in enter_context
result = _enter(cm)
/usr/lib64/python3.11/unittest/mock.py:1427: in __enter__
original, local = self.get_original()
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <unittest.mock._patch object at 0x7fb2d2b3a490>
def get_original(self):
target = self.getter()
name = self.attribute
original = DEFAULT
local = False
try:
original = target.__dict__[name]
except (AttributeError, KeyError):
original = getattr(target, name, DEFAULT)
else:
local = True
if name in _builtins and isinstance(target, ModuleType):
self.create = True
if not self.create and original is DEFAULT:
> raise AttributeError(
"%s does not have the attribute %r" % (target, name)
)
E AttributeError: <module 'typing' from
'/usr/lib64/python3.11/typing.py'> does not have the attribute
'_overload_registry'
/usr/lib64/python3.11/unittest/mock.py:1400: AttributeError
=========================== short test summary info
============================
FAILED src/test_typing_extensions.py::OverloadTests::test_overload_registry
=================== 1 failed, 224 passed, 1 skipped in 0.44s
===================
https://docs.python.org/3.11/whatsnew/3.11.html
For the build logs, see:
https://copr-be.cloud.fedoraproject.org/results/@python/python3.11/fedora-r…
For all our attempts to build python-typing-extensions with Python 3.11, see:
https://copr.fedorainfracloud.org/coprs/g/python/python3.11/package/python-…
Testing and mass rebuild of packages is happening in copr. You can follow these
instructions to test locally in mock if your package builds with Python 3.11:
https://copr.fedorainfracloud.org/coprs/g/python/python3.11/
Let us know here if you have any questions.
Python 3.11 is planned to be included in Fedora 37. To make that update
smoother, we're building Fedora packages with all pre-releases of Python 3.11.
A build failure prevents us from testing all dependent packages (transitive
[Build]Requires), so if this package is required a lot, it's important for us
to get it fixed soon.
We'd appreciate help from the people who know this package best, but if you
don't want to work on this now, let us know so we can try to work around it on
our side.
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=2016048
[Bug 2016048] Python 3.11
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2080868