Format: 1.8
Date: Mon, 03 Feb 2020 13:04:40 -0300
Source: pillow
Binary: python-pil python-pil-dbg python-pil.imagetk python-pil.imagetk-dbg python3-pil python3-pil-dbg python3-pil.imagetk python3-pil.imagetk-dbg python-pil-doc
Architecture: s390x
Version: 5.1.0-1ubuntu0.2
Distribution: bionic
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-s390x-013.buildd>
Changed-By: Leonidas S. Barbosa <leo.barbosa@canonical.com>
Description:
 python-pil - Python Imaging Library (Pillow fork)
 python-pil-dbg - Python Imaging Library (debug extension)
 python-pil-doc - Examples for the Python Imaging Library
 python-pil.imagetk - Python Imaging Library - ImageTk Module (Pillow fork)
 python-pil.imagetk-dbg - Python Imaging Library - ImageTk Module (debug extension)
 python3-pil - Python Imaging Library (Python3)
 python3-pil-dbg - Python Imaging Library (Python3 debug extension)
 python3-pil.imagetk - Python Imaging Library - ImageTk Module (Python3)
 python3-pil.imagetk-dbg - Python Imaging Library - ImageTk Module (Python3 debug extension)
Changes:
 pillow (5.1.0-1ubuntu0.2) bionic-security; urgency=medium
 .
   * SECURITY UPDATE: Exceed memory amount and delay in process image
     - debian/patches/CVE-2019-16865-*.patch: Corrected negative seeks in
       PIL/PsdImagePlugin.py, Added decompression bomb checks in
       PIL/GifImagePlugin.py and PIL/IcoImagePlugin.py, Catch buffer overruns
       in libImaging/PcxDecode.c, libImaging/FliDecode.c and added some tests
       in Tests/images/*.
     - CVE-2019-16865
   * SECURITY UPDATE: Denial of service
     - debian/patches/CVE-2019-19911.patch:  Raise an error for an invalid
       number of bands in FPX image in PIL/FpxImagePlugin.py and added some
       testes in Test/images/*.
     - CVE-2019-19911
   * SECURITY UPDATE: Buffer overflow
     - debian/patches/CVE-2020-5311.patch: catch SGI buffer overruns
       in src/libImaging/SgiRleDecode.c.
     - CVE-2020-5311
   * SECURITY UPDATE: Buffer overflow
     - debian/patches/CVE-2020-5312.patch: Catch PCX P mode buffer overrun
       in libImaging/PcxDecode.c and added some tests in Test/images/*.
     - CVE-2020-5312
   * SECURITY UPDATE: Buffer overflow
     - debian/patches/CVE-2020-5313.patch: catch FLI buffer overrun in
       libImaging/FliDecode.c and added some tests in Test/images/*.
     - CVE-2020-5313
Checksums-Sha1:
 3ce86a672653d377b340d9a1d486c2d9927ad6de 12051 pillow_5.1.0-1ubuntu0.2_s390x.buildinfo
 cba59f7a2609cfbf463f2186818e214bcf0d0ec7 790852 python-pil-dbg_5.1.0-1ubuntu0.2_s390x.deb
 276fd887b98a1d53ec5662a5ab2431805522a964 30364 python-pil.imagetk-dbg_5.1.0-1ubuntu0.2_s390x.deb
 2f2afd39e4398eae529e5e6eda60ef904a444b26 8332 python-pil.imagetk_5.1.0-1ubuntu0.2_s390x.deb
 801d23a22b42c146a123241306a038d927693dc8 320468 python-pil_5.1.0-1ubuntu0.2_s390x.deb
 04fac02e2febcdf95cf44c24f01cd1a4392ddcc7 965176 python3-pil-dbg_5.1.0-1ubuntu0.2_s390x.deb
 64919171de6ee68feecf10320f0d4117a494dd15 35512 python3-pil.imagetk-dbg_5.1.0-1ubuntu0.2_s390x.deb
 f4211fa4b6a7a6029637d515639786e66676d04d 8528 python3-pil.imagetk_5.1.0-1ubuntu0.2_s390x.deb
 206db42d166716362fc64c64dbec6c2839735440 321808 python3-pil_5.1.0-1ubuntu0.2_s390x.deb
Checksums-Sha256:
 8dd41f8bf66135b34a4c47639f5505267da8211319c848e4c7c7018a40ebab95 12051 pillow_5.1.0-1ubuntu0.2_s390x.buildinfo
 2fd65d27a6a1f14bf51224103c1a965d54c01e725ecce054c5b9744d4dc855d2 790852 python-pil-dbg_5.1.0-1ubuntu0.2_s390x.deb
 c2b825c882c03d37a9ab721c8247f686bf02201626e7275fe82cd7bf1b1a5ac9 30364 python-pil.imagetk-dbg_5.1.0-1ubuntu0.2_s390x.deb
 5a505fe27e0b4c8a30bf056287c33e99da802cbd53d47eebc7647ec78bd0cb38 8332 python-pil.imagetk_5.1.0-1ubuntu0.2_s390x.deb
 389b63c85d58166eeb3508367ff5fc99e414f09c02bf11d18bf8ab3ac817fb2d 320468 python-pil_5.1.0-1ubuntu0.2_s390x.deb
 bbfe2559399f11339ef02c28549aaa758d7d0851248d58b1a76ab9b87f2ed625 965176 python3-pil-dbg_5.1.0-1ubuntu0.2_s390x.deb
 53bf4a272da8f4b5bb91690eaf590de649205d32b40820760cbe949e2cefa565 35512 python3-pil.imagetk-dbg_5.1.0-1ubuntu0.2_s390x.deb
 177e307e5fb49253b7b5f3bb4637e1d28318cf1cce4c5fe64c8d61affcd56f8a 8528 python3-pil.imagetk_5.1.0-1ubuntu0.2_s390x.deb
 367237a9b0aecfbf90f42f74765452a5e2de022f2bb71d30969186e6e22c427d 321808 python3-pil_5.1.0-1ubuntu0.2_s390x.deb
Files:
 d7fba27fe3b631239dc8e9df9fcdf959 12051 python optional pillow_5.1.0-1ubuntu0.2_s390x.buildinfo
 2e29d16d35c3607e018896226232b628 790852 debug optional python-pil-dbg_5.1.0-1ubuntu0.2_s390x.deb
 70d7a3aa8e0cff2bc744568ae0f09ba1 30364 debug optional python-pil.imagetk-dbg_5.1.0-1ubuntu0.2_s390x.deb
 932fb5ba5e63e16c592a605a951f6838 8332 python optional python-pil.imagetk_5.1.0-1ubuntu0.2_s390x.deb
 8d9272f7ada4a3163c429e61749eb008 320468 python optional python-pil_5.1.0-1ubuntu0.2_s390x.deb
 abdc850f6cf2efebfe192bac5f1286b9 965176 debug optional python3-pil-dbg_5.1.0-1ubuntu0.2_s390x.deb
 19f6679964e26d8d0f8435500dd1b681 35512 debug optional python3-pil.imagetk-dbg_5.1.0-1ubuntu0.2_s390x.deb
 af9dd6b86e743379d265ead103e6fc17 8528 python optional python3-pil.imagetk_5.1.0-1ubuntu0.2_s390x.deb
 f675696eb3ba5619ea2d114a9ac2565c 321808 python optional python3-pil_5.1.0-1ubuntu0.2_s390x.deb
Original-Maintainer: Matthias Klose <doko@debian.org>