pillow 7.0.0-4ubuntu1 source package in Ubuntu

Changelog

pillow (7.0.0-4ubuntu1) groovy; urgency=medium

  * SECURITY UPDATE: multiple out of bounds reads
    - debian/patches/CVE-2020-10177-1.patch: fix issue in
      src/libImaging/FliDecode.c.
    - debian/patches/CVE-2020-10177-2.patch: refactor to macro in
      src/libImaging/FliDecode.c.
    - debian/patches/CVE-2020-10177-3.patch: fix OOB Reads in SS2 Chunk in
      src/libImaging/FliDecode.c.
    - debian/patches/CVE-2020-10177-4.patch: fix OOB in LC packet in
      src/libImaging/FliDecode.c.
    - debian/patches/CVE-2020-10177-5.patch: fix OOB Advance Values in
      src/libImaging/FliDecode.c.
    - debian/patches/CVE-2020-10177-6.patch: fix OOB Read in FLI Copy Chunk
      in src/libImaging/FliDecode.c.
    - debian/patches/CVE-2020-10177-7.patch: fix comments in
      src/libImaging/FliDecode.c.
    - debian/patches/CVE-2020-10177-8.patch: additional FLI check in
      src/libImaging/FliDecode.c.
    - CVE-2020-10177
  * SECURITY UPDATE: out of bounds read with PCX files
    - debian/patches/CVE-2020-10378.patch: fix OOB Access in
      src/libImaging/PcxDecode.c.
    - CVE-2020-10378
  * SECURITY UPDATE: two buffer overflows
    - debian/patches/CVE-2020-10379-1.patch: ensure that Tiff's concept of
      Strip and Tilesize matches Pillow's in src/libImaging/TiffDecode.c.
    - debian/patches/CVE-2020-10379-2.patch: avoid uninitialized read in
      src/libImaging/TiffDecode.c.
    - debian/patches/CVE-2020-10379-3.patch: fix typos in
      src/libImaging/TiffDecode.c.
    - CVE-2020-10379
  * SECURITY UPDATE: out-of-bounds read via JP2 file
    - debian/patches/CVE-2020-10994-1.patch: fix for OOB Read in
      src/libImaging/Jpeg2KDecode.c.
    - debian/patches/CVE-2020-10994-2.patch: fix typo in
      src/libImaging/Jpeg2KDecode.c.
    - CVE-2020-10994
  * SECURITY UPDATE: out-of-bounds read via SGI file
    - debian/patches/CVE-2020-11538.patch: track number of pixels, not the
      number of runs in src/libImaging/SgiRleDecode.c.
    - CVE-2020-11538

 -- Marc Deslauriers <email address hidden>  Tue, 07 Jul 2020 13:14:10 -0400

Upload details

Uploaded by: Marc Deslauriers
Uploaded to: Groovy
Original maintainer: Ubuntu Developers
Architectures: any all
Section: misc
Urgency: Medium Urgency

Downloads

File Size SHA-256 Checksum
pillow_7.0.0.orig.tar.xz 31.8 MiB ce86f1887803a06bd874760fdeba9528a3c6d6eacd927226a90435b772905335
pillow_7.0.0-4ubuntu1.debian.tar.xz 19.9 KiB 7bae31b88a853825b85000a04d4d6d57da6109f40fe8633f3725032906db081d
pillow_7.0.0-4ubuntu1.dsc 2.4 KiB 3bd99f463efdd006203145cf30bd5695c55d043b2905abbb6d822f6c7538cd48

Binary packages built by this source

python-pil-doc: No summary available for python-pil-doc in ubuntu groovy.

python3-pil: No summary available for python3-pil in ubuntu groovy.

python3-pil-dbg: No summary available for python3-pil-dbg in ubuntu groovy.

python3-pil.imagetk: No summary available for python3-pil.imagetk in ubuntu groovy.

python3-pil.imagetk-dbg: No summary available for python3-pil.imagetk-dbg in ubuntu groovy.