Format: 1.8
Date: Thu, 30 Jan 2020 17:15:56 -0300
Source: pillow
Binary: python-pil python-pil-dbg python-pil.imagetk python-pil.imagetk-dbg python3-pil python3-pil-dbg python3-pil.imagetk python3-pil.imagetk-dbg python-pil-doc python-imaging
Architecture: ppc64el
Version: 3.1.2-0ubuntu1.3
Distribution: xenial
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-ppc64el-016.buildd>
Changed-By: Leonidas S. Barbosa <leo.barbosa@canonical.com>
Description:
 python-imaging - Python Imaging Library compatibility layer
 python-pil - Python Imaging Library (Pillow fork)
 python-pil-dbg - Python Imaging Library (debug extension)
 python-pil-doc - Examples for the Python Imaging Library
 python-pil.imagetk - Python Imaging Library - ImageTk Module (Pillow fork)
 python-pil.imagetk-dbg - Python Imaging Library - ImageTk Module (debug extension)
 python3-pil - Python Imaging Library (Python3)
 python3-pil-dbg - Python Imaging Library (Python3 debug extension)
 python3-pil.imagetk - Python Imaging Library - ImageTk Module (Python3)
 python3-pil.imagetk-dbg - Python Imaging Library - ImageTk Module (Python3 debug extension)
Changes:
 pillow (3.1.2-0ubuntu1.3) xenial-security; urgency=medium
 .
   * SECURITY UPDATE: Exceed memory amount and delay in process image
     - debian/patches/CVE-2019-16865-*.patch: Corrected negative seeks in
       PIL/PsdImagePlugin.py, Added decompression bomb checks in
       PIL/GifImagePlugin.py and PIL/IcoImagePlugin.py, Catch buffer overruns
       in libImaging/PcxDecode.c, libImaging/FliDecode.c and added some tests
       in Tests/images/*.
     - CVE-2019-16865
   * SECURITY UPDATE: Denial of service
     - debian/patches/CVE-2019-19911.patch:  Raise an error for an invalid
       number of bands in FPX image in PIL/FpxImagePlugin.py.
     - CVE-2019-19911
   * SECURITY UPDATE: Buffer overflow
     - debian/patches/CVE-2020-5312.patch: Catch PCX P mode buffer overrun
       in libImaging/PcxDecode.c.
     - CVE-2020-5312
   * SECURITY UPDATE: Buffer overflow
     - debian/patches/CVE-2020-5313.patch: catch FLI buffer overrun in
       libImaging/FliDecode.c.
     - CVE-2020-5313
   * Fix decompression tests that failed
     - debian/patches/Fixing_decompression_test.patch: Tests/test_decompression.py.
Checksums-Sha1:
 104e6b9fff03d5be1d8e0d27260199fea3a97d6b 438048 python-pil-dbg_3.1.2-0ubuntu1.3_ppc64el.deb
 01565d662caeffaf05b0ec6f0d8ef0536db238f6 14168 python-pil.imagetk-dbg_3.1.2-0ubuntu1.3_ppc64el.deb
 3f865dbee4ff4e93430173a1e3ab8918885ca230 7526 python-pil.imagetk_3.1.2-0ubuntu1.3_ppc64el.deb
 e1ba03ad7df334f98f6f9bf2f62af6fd1dbeaf8b 304040 python-pil_3.1.2-0ubuntu1.3_ppc64el.deb
 0ebe4e244ebd19c8750ab1a8cac10aed750d3f5d 537588 python3-pil-dbg_3.1.2-0ubuntu1.3_ppc64el.deb
 bc3ec67c158f54429caa8e48858b8a9e7528d22b 14344 python3-pil.imagetk-dbg_3.1.2-0ubuntu1.3_ppc64el.deb
 ea6a7d13d80897d1e46ce0ff7093a2b2f4c1772d 7624 python3-pil.imagetk_3.1.2-0ubuntu1.3_ppc64el.deb
 44a74d871a2127e218f5cafaad75915e3b338ab2 304758 python3-pil_3.1.2-0ubuntu1.3_ppc64el.deb
Checksums-Sha256:
 947d58c6b25b4df983a5f393c47336b4924ce65553d056628c278c35991f4d28 438048 python-pil-dbg_3.1.2-0ubuntu1.3_ppc64el.deb
 05a626475d41c580ba3ea8cbc28c347cd8de81b010d568688a32a55906ac8858 14168 python-pil.imagetk-dbg_3.1.2-0ubuntu1.3_ppc64el.deb
 ac5c35b68b6bdb0b620dc3131cadcefa2e0b56cdc5a1841b2a789dfa39067eee 7526 python-pil.imagetk_3.1.2-0ubuntu1.3_ppc64el.deb
 ec46c89c0448ca7ed65f283e3bad8e64342b1a7c21b8e4f5c0bedee4192eee31 304040 python-pil_3.1.2-0ubuntu1.3_ppc64el.deb
 9e73f9d86cdffc228e327c5bc1a3f35cde2d126c0f61e1ac4fe7339ecedae1c2 537588 python3-pil-dbg_3.1.2-0ubuntu1.3_ppc64el.deb
 c8f765f87a411d47b1e835be7a33241a6735e6db9af83ffa129b5b67d4a0ee06 14344 python3-pil.imagetk-dbg_3.1.2-0ubuntu1.3_ppc64el.deb
 53baa6fc17516817d80429e3eaacaebed430bed815f61c898c7de2bd8e6215b7 7624 python3-pil.imagetk_3.1.2-0ubuntu1.3_ppc64el.deb
 e36b7547f32e926d2a3fb6b3daf0f920028f2b26497b854328a27b43b1245850 304758 python3-pil_3.1.2-0ubuntu1.3_ppc64el.deb
Files:
 ac2f2c4364d6ca60a5fc9fdae64bbd61 438048 debug extra python-pil-dbg_3.1.2-0ubuntu1.3_ppc64el.deb
 83a533233afefc0d327cf29629f5fa63 14168 debug extra python-pil.imagetk-dbg_3.1.2-0ubuntu1.3_ppc64el.deb
 fa0f289e90ae9932005929895c426df1 7526 python optional python-pil.imagetk_3.1.2-0ubuntu1.3_ppc64el.deb
 c0974146a23867c2c10ef422d4025e81 304040 python optional python-pil_3.1.2-0ubuntu1.3_ppc64el.deb
 0639e30f50431786cc7b6e941c4d0776 537588 debug extra python3-pil-dbg_3.1.2-0ubuntu1.3_ppc64el.deb
 68a42bc560205168bc0a0a05dd80b318 14344 debug extra python3-pil.imagetk-dbg_3.1.2-0ubuntu1.3_ppc64el.deb
 c34a73a2138c87f356c7c0f6b5be15c6 7624 python optional python3-pil.imagetk_3.1.2-0ubuntu1.3_ppc64el.deb
 0b484802ecfb1ad1695abcdc7e119d39 304758 python optional python3-pil_3.1.2-0ubuntu1.3_ppc64el.deb
Original-Maintainer: Matthias Klose <doko@debian.org>