PsdImagePlugin.PsdImageFile did not sanity check the number of input layers with regard to the size of the data block, this could lead to a denial-of-service on open() prior to load(). This dates to the PIL fork. References: https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#security https://github.com/python-pillow/Pillow/pull/5377
Created mingw-python-pillow tracking bugs for this issue: Affects: fedora-all [bug 1958244] Created python-pillow tracking bugs for this issue: Affects: fedora-all [bug 1958241] Created python2-pillow tracking bugs for this issue: Affects: fedora-all [bug 1958242] Created python3-pillow tracking bugs for this issue: Affects: epel-7 [bug 1958243]
Statement: To mitigate this feature on Red Hat Quay keep the invoice generation feature disabled, as it is by default.
Upstream patch: https://github.com/python-pillow/Pillow/commit/22e9bee4ef225c0edbb9323f94c26cee0c623497
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:4149 https://access.redhat.com/errata/RHSA-2021:4149
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-28675