pillow 6.1.0-1ubuntu0.2 source package in Ubuntu

Changelog

pillow (6.1.0-1ubuntu0.2) eoan-security; urgency=medium

  * SECURITY UPDATE: Exceed memory amount and delay in process image
    - debian/patches/CVE-2019-16865-*.patch: Corrected negative seeks in
      PIL/PsdImagePlugin.py, Added decompression bomb checks in
      PIL/GifImagePlugin.py and PIL/IcoImagePlugin.py, Catch buffer overruns
      in libImaging/PcxDecode.c, libImaging/FliDecode.c and added some tests
      in Tests/images/*.
    - CVE-2019-16865
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2019-19911.patch: Raise an error for an invalid
      number of bands in FPX image in PIL/FpxImagePlugin.py and added some
      tests in Test/images/*.
    - CVE-2019-19911
  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2020-5310.patch: Overflow checks for realloc for tiff
      decoding in src/libImaging/TiffDecode.c and added tests in Test/images/*.
    - CVE-2020-5310
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2020-5311.patch: catch SGI buffer overruns
      in src/libImaging/SgiRleDecode.c.
    - CVE-2020-5311
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2020-5312.patch: Catch PCX P mode buffer overrun
      in libImaging/PcxDecode.c and added some tests in Test/images/*.
    - CVE-2020-5312
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2020-5313.patch: catch FLI buffer overrun in
      libImaging/FliDecode.c and added some tests in Test/images/*.
    - CVE-2020-5313

 -- <email address hidden> (Leonidas S. Barbosa)  Mon, 03 Feb 2020 14:50:52 -0300

Upload details

Uploaded by: Leonidas S. Barbosa
Uploaded to: Eoan
Original maintainer: Ubuntu Developers
Architectures: any all
Section: python
Urgency: Medium Urgency

Downloads

File Size SHA-256 Checksum
pillow_6.1.0.orig.tar.xz 27.8 MiB 30c091965bea99e3923b1ac6057348bdadf3ed14934cb035805314f5db0fcf50
pillow_6.1.0-1ubuntu0.2.debian.tar.xz 273.7 KiB 7bb312aefc653d8ca55f2c43cb5b7f351fe636f8e13337866ce19c6db6abd9be
pillow_6.1.0-1ubuntu0.2.dsc 2.8 KiB e59efce0f33a5c93d035aea7e6bce73377836f237663f6520596891bfdfd6b67

Binary packages built by this source

No summary or description is available for any of these packages in ubuntu eoan.

python-pil
python-pil-dbg
python-pil-doc
python-pil.imagetk
python-pil.imagetk-dbg
python3-pil
python3-pil-dbg
python3-pil.imagetk
python3-pil.imagetk-dbg