Format: 1.8 Date: Wed, 10 Mar 2021 13:01:32 -0500 Source: pillow Binary: python-pil python-pil-dbg python-pil.imagetk python-pil.imagetk-dbg python3-pil python3-pil-dbg python3-pil.imagetk python3-pil.imagetk-dbg python-pil-doc Architecture: i386 Version: 5.1.0-1ubuntu0.5 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: python-pil - Python Imaging Library (Pillow fork) python-pil-dbg - Python Imaging Library (debug extension) python-pil-doc - Examples for the Python Imaging Library python-pil.imagetk - Python Imaging Library - ImageTk Module (Pillow fork) python-pil.imagetk-dbg - Python Imaging Library - ImageTk Module (debug extension) python3-pil - Python Imaging Library (Python3) python3-pil-dbg - Python Imaging Library (Python3 debug extension) python3-pil.imagetk - Python Imaging Library - ImageTk Module (Python3) python3-pil.imagetk-dbg - Python Imaging Library - ImageTk Module (Python3 debug extension) Changes: pillow (5.1.0-1ubuntu0.5) bionic-security; urgency=medium . * SECURITY UPDATE: negative-offset memcpy with an invalid size - debian/patches/CVE-2021-25290.patch: add extra check to src/libImaging/TiffDecode.c. - CVE-2021-25290 * SECURITY UPDATE: DoS via backtrack regex - debian/patches/CVE-2021-25292.patch: use more specific regex in src/PIL/PdfParser.py. - CVE-2021-25292 * SECURITY UPDATE: Out of Bounds Read - debian/patches/CVE-2021-25293.patch: add more checks to src/libImaging/SgiRleDecode.c. - CVE-2021-25293 * SECURITY UPDATE: DoS via invalid reported size - debian/patches/CVE-2021-2792x.patch: check reported sizes in src/PIL/BlpImagePlugin.py, src/PIL/IcnsImagePlugin.py, src/PIL/IcoImagePlugin.py. - CVE-2021-27921 - CVE-2021-27922 - CVE-2021-27923 Checksums-Sha1: 5238f57dfe98a2d4aeea519d4348f9be9de451b2 12204 pillow_5.1.0-1ubuntu0.5_i386.buildinfo d2257401d3b34f61332ad615fe5dd2ac1cf130a2 485056 python-pil-dbg_5.1.0-1ubuntu0.5_i386.deb 4d1b19cb902d1ab97884eda13551973834ed0ebd 25388 python-pil.imagetk-dbg_5.1.0-1ubuntu0.5_i386.deb 14bd70838a58364e380718d8dd00aaa6f775e018 8368 python-pil.imagetk_5.1.0-1ubuntu0.5_i386.deb acbc58a79aa8069c71df1554f42bf199a5627241 298104 python-pil_5.1.0-1ubuntu0.5_i386.deb c489918a06a8b6569da00abbd7b80d40a74e94bb 901780 python3-pil-dbg_5.1.0-1ubuntu0.5_i386.deb 608bb0745123b2e23a2984de93cd963dfb6acb12 34452 python3-pil.imagetk-dbg_5.1.0-1ubuntu0.5_i386.deb 9e2d6acbc205520fb2a0442c763c7ca50ae05d84 8996 python3-pil.imagetk_5.1.0-1ubuntu0.5_i386.deb 94450903a4e3e032845909f2234f2794f253415b 332652 python3-pil_5.1.0-1ubuntu0.5_i386.deb Checksums-Sha256: d3a52a44f2424487a96a0de1abb7d859760678f3d5ab3731b02aca8dc9138c0e 12204 pillow_5.1.0-1ubuntu0.5_i386.buildinfo cf25183af9ed3f34e17b8ca988a882e76008197c92ed3147d845d93034f9421c 485056 python-pil-dbg_5.1.0-1ubuntu0.5_i386.deb 56eecaf0f631c0a92a1827405a4e5e076ed7f7dd02f31a2dd123fb2fb4239777 25388 python-pil.imagetk-dbg_5.1.0-1ubuntu0.5_i386.deb f4311cfa21c4be4a22819159290d162a3a2dc6c86e5ffd744a56486d07da88a6 8368 python-pil.imagetk_5.1.0-1ubuntu0.5_i386.deb 715d97985a7b37ec9099307fb555d50157d3643250f9df74924b9afb382917d8 298104 python-pil_5.1.0-1ubuntu0.5_i386.deb c00d640883891075dcaeb9e840ec927b1525a22e6ee19dc23a807c0ef66592c0 901780 python3-pil-dbg_5.1.0-1ubuntu0.5_i386.deb 2f4c652ca63a9b777c47d926b0076b622dda50cc8a2becbc3a8cbdfab0f46141 34452 python3-pil.imagetk-dbg_5.1.0-1ubuntu0.5_i386.deb 40b014363f157cfcef26baaeba93857a5202270f5786e5b8c0d71fa6e1941156 8996 python3-pil.imagetk_5.1.0-1ubuntu0.5_i386.deb 3b7b92d7ad7e0e4fb13266b94030807379dcb186beb206a5281a715cb1e43a51 332652 python3-pil_5.1.0-1ubuntu0.5_i386.deb Files: 1d468f370c33d6072ab66acd51de502e 12204 python optional pillow_5.1.0-1ubuntu0.5_i386.buildinfo 95c1e211e93ac04248de20d5e53562d9 485056 debug optional python-pil-dbg_5.1.0-1ubuntu0.5_i386.deb beb4d87543428d75aac335a96d09dc20 25388 debug optional python-pil.imagetk-dbg_5.1.0-1ubuntu0.5_i386.deb 700794d226f9e6b4e5deb42bce2485f4 8368 python optional python-pil.imagetk_5.1.0-1ubuntu0.5_i386.deb 902c0d32b15b23f06236609e501f5d36 298104 python optional python-pil_5.1.0-1ubuntu0.5_i386.deb 933a4b14de44977e8f2ca8618c9e6a00 901780 debug optional python3-pil-dbg_5.1.0-1ubuntu0.5_i386.deb d700fd0f34e3e5b28d7e66704540d1f4 34452 debug optional python3-pil.imagetk-dbg_5.1.0-1ubuntu0.5_i386.deb 044d95968378acb62dbfb0d980b6967b 8996 python optional python3-pil.imagetk_5.1.0-1ubuntu0.5_i386.deb 8d72819a1b454607f9edebf04a3a16c5 332652 python optional python3-pil_5.1.0-1ubuntu0.5_i386.deb Original-Maintainer: Matthias Klose