This bug was fixed in the package pillow - 10.2.0-1ubuntu1.2
---------------
pillow (10.2.0-1ubuntu1.2) noble-security; urgency=medium
* SECURITY UPDATE: integer overflow via large font advances
- debian/patches/CVE-2026-42308.patch: Use long for glyph position in
src/_imagingft.c.
- CVE-2026-42308
* SECURITY UPDATE: DoS via malicious PDF
- debian/patches/CVE-2026-42310.patch: Raise an error if the trailer chain
loops back on itself in src/PIL/PdfParser.py.
- CVE-2026-42310
-- Marc Deslauriers <[email protected]> Thu, 04 Jun 2026
13:41:17 -0400
** Changed in: pillow (Ubuntu Noble)
Status: Fix Committed => Fix Released
** CVE added: https://cve.org/CVERecord?id=CVE-2026-42308
** CVE added: https://cve.org/CVERecord?id=CVE-2026-42310
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2084457
Title:
[SRU] Please enable frame-pointer on Noble
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pillow/+bug/2084457/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
