In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy. Reference: https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html#security Upstream patch: https://github.com/python-pillow/Pillow/commit/2a93aba5cfcf6e241ab4f9392c13e3b74032c061
Created python-pillow tracking bugs for this issue: Affects: fedora-all [bug 2272567] Created python3-pillow tracking bugs for this issue: Affects: epel-all [bug 2272569]