Format: 1.8
Date: Thu, 30 Jan 2020 17:15:56 -0300
Source: pillow
Binary: python-pil python-pil-dbg python-pil.imagetk python-pil.imagetk-dbg python3-pil python3-pil-dbg python3-pil.imagetk python3-pil.imagetk-dbg python-pil-doc python-imaging
Architecture: s390x
Version: 3.1.2-0ubuntu1.3
Distribution: xenial
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-s390x-015.buildd>
Changed-By: Leonidas S. Barbosa <leo.barbosa@canonical.com>
Description:
 python-imaging - Python Imaging Library compatibility layer
 python-pil - Python Imaging Library (Pillow fork)
 python-pil-dbg - Python Imaging Library (debug extension)
 python-pil-doc - Examples for the Python Imaging Library
 python-pil.imagetk - Python Imaging Library - ImageTk Module (Pillow fork)
 python-pil.imagetk-dbg - Python Imaging Library - ImageTk Module (debug extension)
 python3-pil - Python Imaging Library (Python3)
 python3-pil-dbg - Python Imaging Library (Python3 debug extension)
 python3-pil.imagetk - Python Imaging Library - ImageTk Module (Python3)
 python3-pil.imagetk-dbg - Python Imaging Library - ImageTk Module (Python3 debug extension)
Changes:
 pillow (3.1.2-0ubuntu1.3) xenial-security; urgency=medium
 .
   * SECURITY UPDATE: Exceed memory amount and delay in process image
     - debian/patches/CVE-2019-16865-*.patch: Corrected negative seeks in
       PIL/PsdImagePlugin.py, Added decompression bomb checks in
       PIL/GifImagePlugin.py and PIL/IcoImagePlugin.py, Catch buffer overruns
       in libImaging/PcxDecode.c, libImaging/FliDecode.c and added some tests
       in Tests/images/*.
     - CVE-2019-16865
   * SECURITY UPDATE: Denial of service
     - debian/patches/CVE-2019-19911.patch:  Raise an error for an invalid
       number of bands in FPX image in PIL/FpxImagePlugin.py.
     - CVE-2019-19911
   * SECURITY UPDATE: Buffer overflow
     - debian/patches/CVE-2020-5312.patch: Catch PCX P mode buffer overrun
       in libImaging/PcxDecode.c.
     - CVE-2020-5312
   * SECURITY UPDATE: Buffer overflow
     - debian/patches/CVE-2020-5313.patch: catch FLI buffer overrun in
       libImaging/FliDecode.c.
     - CVE-2020-5313
   * Fix decompression tests that failed
     - debian/patches/Fixing_decompression_test.patch: Tests/test_decompression.py.
Checksums-Sha1:
 ffa11ccc1d20f8d12bf5abb63b4f65268e64a256 422298 python-pil-dbg_3.1.2-0ubuntu1.3_s390x.deb
 73f78127c12be3b36a4370d91312fd214ddaedab 13058 python-pil.imagetk-dbg_3.1.2-0ubuntu1.3_s390x.deb
 396b09984b64f9f545313fb8b1fe5eff554038dd 7390 python-pil.imagetk_3.1.2-0ubuntu1.3_s390x.deb
 8ddb7e966bfe5151e3b874d9cc879db48d48951b 310112 python-pil_3.1.2-0ubuntu1.3_s390x.deb
 d2edd5220624408248ae07e32110e53f8400749d 510950 python3-pil-dbg_3.1.2-0ubuntu1.3_s390x.deb
 69a83bdd4829346c830e44e7eef193c983fa9e85 13348 python3-pil.imagetk-dbg_3.1.2-0ubuntu1.3_s390x.deb
 70e0c70f68820ee82f1a67760d3199e7364eb977 7454 python3-pil.imagetk_3.1.2-0ubuntu1.3_s390x.deb
 2a6ded32f7a471285fcac3017865e1b29710333b 310568 python3-pil_3.1.2-0ubuntu1.3_s390x.deb
Checksums-Sha256:
 9be96461f9874a32dc89e94065943383a4bbf33581c57efd40cb8c584c0c1365 422298 python-pil-dbg_3.1.2-0ubuntu1.3_s390x.deb
 1bf4e3eb68ceff9585a9a5934f9aae62a9c2ed9908e942932e07dd4b98293868 13058 python-pil.imagetk-dbg_3.1.2-0ubuntu1.3_s390x.deb
 af80ad34e7a24c9dd9355359eb0d581f01f93ead0c5b7e6ef772beb0b8fab03f 7390 python-pil.imagetk_3.1.2-0ubuntu1.3_s390x.deb
 f79bd813dca03a80e663482ae5166ee86bd24242084208e6cd9120337e021c36 310112 python-pil_3.1.2-0ubuntu1.3_s390x.deb
 225cedf0756e607bc2342b4a10ee03293687abe39ceec13dfb972da05209f4cd 510950 python3-pil-dbg_3.1.2-0ubuntu1.3_s390x.deb
 8cca3666337dba94ecb320a31555c32a8171b3fef84934065c392111854e3a2b 13348 python3-pil.imagetk-dbg_3.1.2-0ubuntu1.3_s390x.deb
 3bfe56a5f2fbdb5689d45c68481eeb3f4a659ba233b817019acc621b9209633a 7454 python3-pil.imagetk_3.1.2-0ubuntu1.3_s390x.deb
 c54e4444a189a96e6923bedfbe53eb8e7ba8b35f05d595ad36e6921ff1bbe352 310568 python3-pil_3.1.2-0ubuntu1.3_s390x.deb
Files:
 81b01309c16d70683bb139dd177192d4 422298 debug extra python-pil-dbg_3.1.2-0ubuntu1.3_s390x.deb
 c19bbf385490b3a89586ed9c0799764f 13058 debug extra python-pil.imagetk-dbg_3.1.2-0ubuntu1.3_s390x.deb
 6089d828b3307a47620e975656d2fa6d 7390 python optional python-pil.imagetk_3.1.2-0ubuntu1.3_s390x.deb
 c1be6aa0ba1f2b4838e291e31d3b4411 310112 python optional python-pil_3.1.2-0ubuntu1.3_s390x.deb
 6ed9c9fb5e1527564ad8e32dad323025 510950 debug extra python3-pil-dbg_3.1.2-0ubuntu1.3_s390x.deb
 1d3d8cbd1bc6277dd552eeb50331a899 13348 debug extra python3-pil.imagetk-dbg_3.1.2-0ubuntu1.3_s390x.deb
 e0be1b4cdbb6788e86197af885df21b7 7454 python optional python3-pil.imagetk_3.1.2-0ubuntu1.3_s390x.deb
 065de5d22fbf987966bae6c51401498c 310568 python optional python3-pil_3.1.2-0ubuntu1.3_s390x.deb
Original-Maintainer: Matthias Klose <doko@debian.org>