Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "python3-pil.imagetk-dbg": "7.0.0-4ubuntu0.7", "python3-pil-dbg": "7.0.0-4ubuntu0.7", "python-pil-doc": "7.0.0-4ubuntu0.7", "python3-pil": "7.0.0-4ubuntu0.7", "python3-pil.imagetk": "7.0.0-4ubuntu0.7" } ] }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "ubuntu_priority": "low", "binaries": [ { "python-pil-dbg": "6.2.1-3ubuntu0.1~esm1", "python-pil.imagetk-dbg": "6.2.1-3ubuntu0.1~esm1", "python-pil.imagetk": "6.2.1-3ubuntu0.1~esm1", "python-pil": "6.2.1-3ubuntu0.1~esm1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "python3-pil.imagetk-dbgsym": "9.0.1-1build1", "python3-pil.imagetk": "9.0.1-1build1", "python-pil-doc": "9.0.1-1build1", "python3-pil": "9.0.1-1build1", "python3-pil-dbgsym": "9.0.1-1build1" } ] }