Format: 1.8
Date: Tue, 18 May 2021 07:33:36 -0400
Source: pillow
Binary: python-pil python-pil-dbg python-pil.imagetk python-pil.imagetk-dbg python3-pil python3-pil-dbg python3-pil.imagetk python3-pil.imagetk-dbg python-pil-doc
Architecture: amd64 all
Version: 5.1.0-1ubuntu0.6
Distribution: bionic
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lcy01-amd64-025.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 python-pil - Python Imaging Library (Pillow fork)
 python-pil-dbg - Python Imaging Library (debug extension)
 python-pil-doc - Examples for the Python Imaging Library
 python-pil.imagetk - Python Imaging Library - ImageTk Module (Pillow fork)
 python-pil.imagetk-dbg - Python Imaging Library - ImageTk Module (debug extension)
 python3-pil - Python Imaging Library (Python3)
 python3-pil-dbg - Python Imaging Library (Python3 debug extension)
 python3-pil.imagetk - Python Imaging Library - ImageTk Module (Python3)
 python3-pil.imagetk-dbg - Python Imaging Library - ImageTk Module (Python3 debug extension)
Changes:
 pillow (5.1.0-1ubuntu0.6) bionic-security; urgency=medium
 .
   * SECURITY UPDATE: OOB read in Jpeg2KDecode
     - debian/patches/CVE-2021-25287_8.patch: handle different widths for
       each band in src/libImaging/Jpeg2KDecode.c.
     - CVE-2021-25287
     - CVE-2021-25288
   * SECURITY UPDATE: DOS in PsdImagePlugin
     - debian/patches/CVE-2021-28675.patch: sanity check the number of
       input layers in Tests/test_decompression_bomb.py,
       Tests/test_file_apng.py, Tests/test_file_blp.py,
       Tests/test_file_tiff.py, src/PIL/ImageFile.py,
       src/PIL/PsdImagePlugin.py.
     - CVE-2021-28675
   * SECURITY UPDATE: FLI DOS
     - debian/patches/CVE-2021-28676.patch: check the block advance in
       src/libImaging/FliDecode.c.
     - CVE-2021-28676
   * SECURITY UPDATE: EPS DOS on _open
     - debian/patches/CVE-2021-28677.patch: properly handle line endings in
       src/PIL/EpsImagePlugin.py.
     - CVE-2021-28677
   * SECURITY UPDATE: BLP DOS
     - debian/patches/CVE-2021-28678.patch: check that reads return data in
       src/PIL/BlpImagePlugin.py.
     - CVE-2021-28678
Checksums-Sha1:
 f33216226cb53198825020c7ced90c1a17a4d820 13653 pillow_5.1.0-1ubuntu0.6_amd64.buildinfo
 1aebc5ee26060750bd96f51c501932ccd269ab4d 493728 python-pil-dbg_5.1.0-1ubuntu0.6_amd64.deb
 7ad3f257144257cbf7f74457b89e7b430f3445c9 368168 python-pil-doc_5.1.0-1ubuntu0.6_all.deb
 99d864bebe13d1f242b7c677727712bd4ed6c03d 25460 python-pil.imagetk-dbg_5.1.0-1ubuntu0.6_amd64.deb
 25ae8145dd96373829b4ff42c7f563ade68956d1 8368 python-pil.imagetk_5.1.0-1ubuntu0.6_amd64.deb
 378a998625fcd423cd431b918d0023ee08f06360 302280 python-pil_5.1.0-1ubuntu0.6_amd64.deb
 78b0cbd4ae9ccd82178ccd0696f6814ff6a52228 955176 python3-pil-dbg_5.1.0-1ubuntu0.6_amd64.deb
 5cd8f4f4a023e95eb462053476b0b187e451b3e0 36060 python3-pil.imagetk-dbg_5.1.0-1ubuntu0.6_amd64.deb
 4419826cd9007197e534f60ddfec3120727fb83b 8680 python3-pil.imagetk_5.1.0-1ubuntu0.6_amd64.deb
 0b8feffd902b49045f33ef8dcff6c6a6a9d31116 330052 python3-pil_5.1.0-1ubuntu0.6_amd64.deb
Checksums-Sha256:
 ad63ac147290d0ec27a50855ed063378338f0480dfd57e24c72210ac38b54252 13653 pillow_5.1.0-1ubuntu0.6_amd64.buildinfo
 bf8c7a67787e1d9ae262cc3ed2db16c6f1d2cfedca55a8806e88bf5f4afb3c80 493728 python-pil-dbg_5.1.0-1ubuntu0.6_amd64.deb
 90f93e1ccd5fbd469bf163c79ee63e01ad93bd8f00a13e1e0f1d20f2a55d8e14 368168 python-pil-doc_5.1.0-1ubuntu0.6_all.deb
 0b822ba5c9018f8f32805db28cb9a9c9314ad09955e3f7569467fb9a61c9d33f 25460 python-pil.imagetk-dbg_5.1.0-1ubuntu0.6_amd64.deb
 c4be9b96dd9139332f2e818c9d4c1343d7700613f9c38b34f8105e8789f148b4 8368 python-pil.imagetk_5.1.0-1ubuntu0.6_amd64.deb
 0fa112fb1b2b56c1eb4125c1db163be8a56382eb337519b83a2002ad60886795 302280 python-pil_5.1.0-1ubuntu0.6_amd64.deb
 7d188177a5d624c7e9c09c7cc8088a2d7888b817feb7eba31aa8d3e0ad113350 955176 python3-pil-dbg_5.1.0-1ubuntu0.6_amd64.deb
 737e4ec031f120f25aafc50e211d1d2552a67655b0502363663ac6a3c7c97c01 36060 python3-pil.imagetk-dbg_5.1.0-1ubuntu0.6_amd64.deb
 4b08912d1c12950a9b0339a716f69f0424ce790cfba5936e4b14fa7857ca4d08 8680 python3-pil.imagetk_5.1.0-1ubuntu0.6_amd64.deb
 b07754112dbdaae765332fa6af214404b3f7c1271b4205fde08995b3262c6623 330052 python3-pil_5.1.0-1ubuntu0.6_amd64.deb
Files:
 aa0416b7a00f02080fd55a6961cee510 13653 python optional pillow_5.1.0-1ubuntu0.6_amd64.buildinfo
 03c031e34abcfca25f059ed954226b80 493728 debug optional python-pil-dbg_5.1.0-1ubuntu0.6_amd64.deb
 851a53ca6b4632c8a5864c2e5d150af0 368168 doc optional python-pil-doc_5.1.0-1ubuntu0.6_all.deb
 5e770b04f34ebff4a384931b987a59c0 25460 debug optional python-pil.imagetk-dbg_5.1.0-1ubuntu0.6_amd64.deb
 20fca1b1fb0ffd9bef19638b42a899e4 8368 python optional python-pil.imagetk_5.1.0-1ubuntu0.6_amd64.deb
 8b5b152f93fac9c3783936b8cb587f71 302280 python optional python-pil_5.1.0-1ubuntu0.6_amd64.deb
 b3f74c1d08d3953e74f8064f5add02f4 955176 debug optional python3-pil-dbg_5.1.0-1ubuntu0.6_amd64.deb
 97658d5f42ced012037c989aea4886c4 36060 debug optional python3-pil.imagetk-dbg_5.1.0-1ubuntu0.6_amd64.deb
 1a7715970be8b5e6a8045aa457da1f0f 8680 python optional python3-pil.imagetk_5.1.0-1ubuntu0.6_amd64.deb
 e96d35d1a74622beceb300ab76d89749 330052 python optional python3-pil_5.1.0-1ubuntu0.6_amd64.deb
Original-Maintainer: Matthias Klose <doko@debian.org>