© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
35a32c5
(Get the code!)
This bug appears to have been introduced with `pillow-
This patch was sourced (at least partially) from this Pillow commit:
https:/
However, this commit occurs after an earlier commit that changes all instances of `len` to `length`, to prevent shadowing:
https:/
As such, it crashes whenever you try to read any PNG with a text chunk. Since this is specifically the use-case the CVE patch was designed for, I find it surprising that apparently nobody tested it.
I have created and attached a patch for `2.3.0-1ubuntu3.2` that works on the PNG's I've tried. Instead of renaming all instances of `len`, it just does the minimal changes needed to get this to work. It's up to you guys whether you'd rather follow upstream or not, but please fix this fast, because this is a pretty serious bug.