Format: 1.8
Date: Mon, 03 Feb 2020 13:04:40 -0300
Source: pillow
Binary: python-pil python-pil-dbg python-pil.imagetk python-pil.imagetk-dbg python3-pil python3-pil-dbg python3-pil.imagetk python3-pil.imagetk-dbg python-pil-doc
Architecture: arm64
Version: 5.1.0-1ubuntu0.2
Distribution: bionic
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-arm64-026.buildd>
Changed-By: Leonidas S. Barbosa <leo.barbosa@canonical.com>
Description:
 python-pil - Python Imaging Library (Pillow fork)
 python-pil-dbg - Python Imaging Library (debug extension)
 python-pil-doc - Examples for the Python Imaging Library
 python-pil.imagetk - Python Imaging Library - ImageTk Module (Pillow fork)
 python-pil.imagetk-dbg - Python Imaging Library - ImageTk Module (debug extension)
 python3-pil - Python Imaging Library (Python3)
 python3-pil-dbg - Python Imaging Library (Python3 debug extension)
 python3-pil.imagetk - Python Imaging Library - ImageTk Module (Python3)
 python3-pil.imagetk-dbg - Python Imaging Library - ImageTk Module (Python3 debug extension)
Changes:
 pillow (5.1.0-1ubuntu0.2) bionic-security; urgency=medium
 .
   * SECURITY UPDATE: Exceed memory amount and delay in process image
     - debian/patches/CVE-2019-16865-*.patch: Corrected negative seeks in
       PIL/PsdImagePlugin.py, Added decompression bomb checks in
       PIL/GifImagePlugin.py and PIL/IcoImagePlugin.py, Catch buffer overruns
       in libImaging/PcxDecode.c, libImaging/FliDecode.c and added some tests
       in Tests/images/*.
     - CVE-2019-16865
   * SECURITY UPDATE: Denial of service
     - debian/patches/CVE-2019-19911.patch:  Raise an error for an invalid
       number of bands in FPX image in PIL/FpxImagePlugin.py and added some
       testes in Test/images/*.
     - CVE-2019-19911
   * SECURITY UPDATE: Buffer overflow
     - debian/patches/CVE-2020-5311.patch: catch SGI buffer overruns
       in src/libImaging/SgiRleDecode.c.
     - CVE-2020-5311
   * SECURITY UPDATE: Buffer overflow
     - debian/patches/CVE-2020-5312.patch: Catch PCX P mode buffer overrun
       in libImaging/PcxDecode.c and added some tests in Test/images/*.
     - CVE-2020-5312
   * SECURITY UPDATE: Buffer overflow
     - debian/patches/CVE-2020-5313.patch: catch FLI buffer overrun in
       libImaging/FliDecode.c and added some tests in Test/images/*.
     - CVE-2020-5313
Checksums-Sha1:
 8f27a891e166f027643c54e794e03cd20e50713b 12129 pillow_5.1.0-1ubuntu0.2_arm64.buildinfo
 14c8b86295da0f74267806aea53182d1e866836c 752588 python-pil-dbg_5.1.0-1ubuntu0.2_arm64.deb
 d8c2f47ec0e3e2d7cfe22d4c692a426d63aeb96c 30100 python-pil.imagetk-dbg_5.1.0-1ubuntu0.2_arm64.deb
 afbd4b48c7f0556098fa42d30033e3b1f6f17c12 8208 python-pil.imagetk_5.1.0-1ubuntu0.2_arm64.deb
 698506469cb6cdfc1f0776d558f58c1159ecd91e 301212 python-pil_5.1.0-1ubuntu0.2_arm64.deb
 df276ef32b2f7d9f2d298ebdfd35ee4dbab09342 947012 python3-pil-dbg_5.1.0-1ubuntu0.2_arm64.deb
 0e00294a409d77be56b80ec61e934ad578a4709b 36680 python3-pil.imagetk-dbg_5.1.0-1ubuntu0.2_arm64.deb
 3d2d84070e9a1d8b16c3b2f7e9e6d5d7c9466108 8352 python3-pil.imagetk_5.1.0-1ubuntu0.2_arm64.deb
 5f8caaa1eb66bcbcfddcae52198579964f3bdfc6 301464 python3-pil_5.1.0-1ubuntu0.2_arm64.deb
Checksums-Sha256:
 010ccd147fe4823e39160d8798f8cce07ab076a3fc991030dccf92134ac3f2bb 12129 pillow_5.1.0-1ubuntu0.2_arm64.buildinfo
 c16e8115ad187838fadcdfd34563e0592c62f696d6f6a66cd48afa1b6064a913 752588 python-pil-dbg_5.1.0-1ubuntu0.2_arm64.deb
 63397d444e2137913949cc62df90482c33d691c752d86112acff068973f38f26 30100 python-pil.imagetk-dbg_5.1.0-1ubuntu0.2_arm64.deb
 77ee8ca3aa3a530ffb0b8cecf03a3fff3d2d4b721b8241b6a53eac6d230e0db9 8208 python-pil.imagetk_5.1.0-1ubuntu0.2_arm64.deb
 7de6d627b6b51ff299ca875dfeda05eed328b4be9c2eaf653bbb8c4f391c4ed6 301212 python-pil_5.1.0-1ubuntu0.2_arm64.deb
 a644db04c3b75ca6e71838fbb48b6fce98564213b6cf2946d7cf03384fd3fd74 947012 python3-pil-dbg_5.1.0-1ubuntu0.2_arm64.deb
 0fc27622300ba1b2a6424fd92cab4b739653531c8def8eb81b772fd93bc0daa2 36680 python3-pil.imagetk-dbg_5.1.0-1ubuntu0.2_arm64.deb
 7468cb39be5a34584363a4c279d4e27392149266557bacd68e601fa2ee1a0b7f 8352 python3-pil.imagetk_5.1.0-1ubuntu0.2_arm64.deb
 983a3553aca2cfa7993337d8bc418ba2ce607810268d63a828b48b8c6aebb2ef 301464 python3-pil_5.1.0-1ubuntu0.2_arm64.deb
Files:
 6162b1ad24d445517f424010e93a563a 12129 python optional pillow_5.1.0-1ubuntu0.2_arm64.buildinfo
 9ec7c8ef90113833addac932bb9fecaa 752588 debug optional python-pil-dbg_5.1.0-1ubuntu0.2_arm64.deb
 f5fe8b3097069b1d1d77e26fed9d27d2 30100 debug optional python-pil.imagetk-dbg_5.1.0-1ubuntu0.2_arm64.deb
 f5ee6074cfffaf1454b285fbff66f4db 8208 python optional python-pil.imagetk_5.1.0-1ubuntu0.2_arm64.deb
 995685f67c32fc517da142db699421f7 301212 python optional python-pil_5.1.0-1ubuntu0.2_arm64.deb
 158966839f3542e6deb28442d07543a2 947012 debug optional python3-pil-dbg_5.1.0-1ubuntu0.2_arm64.deb
 4b76060fac082de38be5affb627d8930 36680 debug optional python3-pil.imagetk-dbg_5.1.0-1ubuntu0.2_arm64.deb
 56c610b8b4e8a3ba76a782e1067ba6c2 8352 python optional python3-pil.imagetk_5.1.0-1ubuntu0.2_arm64.deb
 431dcfb735ca2886250eccd96cb1b9b6 301464 python optional python3-pil_5.1.0-1ubuntu0.2_arm64.deb
Original-Maintainer: Matthias Klose <doko@debian.org>