Format: 1.8
Date: Wed, 13 Jan 2021 09:35:02 -0500
Source: pillow
Binary: python3-pil python3-pil-dbg python3-pil.imagetk python3-pil.imagetk-dbg
Architecture: s390x
Version: 7.2.0-1ubuntu0.1
Distribution: groovy
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-s390x-015.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 python3-pil - Python Imaging Library (Python3)
 python3-pil-dbg - Python Imaging Library (Python3 debug extension)
 python3-pil.imagetk - Python Imaging Library - ImageTk Module (Python3)
 python3-pil.imagetk-dbg - Python Imaging Library - ImageTk Module (Python3 debug extension)
Changes:
 pillow (7.2.0-1ubuntu0.1) groovy-security; urgency=medium
 .
   * SECURITY UPDATE: buffer over-read via PCX file
     - debian/patches/CVE-2020-35653.patch: don't trust the image to specify
       a buffer size in src/PIL/PcxImagePlugin.py.
     - CVE-2020-35653
   * SECURITY UPDATE: heap overflow via YCbCr files
     - debian/patches/CVE-2020-35654-1.patch: fix tiff comparison warnings
       in src/libImaging/TiffDecode.c.
     - debian/patches/CVE-2020-35654-2.patch: fix OOB write in
       src/libImaging/TiffDecode.c.
     - debian/patches/CVE-2020-35654-3.patch: rework ReadTile in
       src/libImaging/TiffDecode.c.
     - CVE-2020-35654
   * SECURITY UPDATE: buffer over-read via SGI RLE image file
     - debian/patches/CVE-2020-35655-1.patch: add checks to
       src/libImaging/SgiRleDecode.c.
     - debian/patches/CVE-2020-35655-2.patch: rework error flags in
       src/libImaging/SgiRleDecode.c.
     - CVE-2020-35655
Checksums-Sha1:
 310da914fb72ddc22c01f03b9f89b607cb245fb5 11567 pillow_7.2.0-1ubuntu0.1_s390x.buildinfo
 9dbffb6bda9713a94b242525f947fa6838b7fe32 1190072 python3-pil-dbg_7.2.0-1ubuntu0.1_s390x.deb
 484429fe8058f6cd2cfe7375c1ed247010763108 26504 python3-pil.imagetk-dbg_7.2.0-1ubuntu0.1_s390x.deb
 6e833ccbf404dc451a24e418263c7a09a580ce6e 8908 python3-pil.imagetk_7.2.0-1ubuntu0.1_s390x.deb
 4827eccffcc9db37ab4b3d98096706795d9c6f98 379668 python3-pil_7.2.0-1ubuntu0.1_s390x.deb
Checksums-Sha256:
 492f0a54bdbd855a5d800fd3c1efad51c674f62c70d7a0bbff13868ec12aadac 11567 pillow_7.2.0-1ubuntu0.1_s390x.buildinfo
 cb2560174ffce030484d287795cf587a0d9995cff7ecaf3fe354e686c292c5f6 1190072 python3-pil-dbg_7.2.0-1ubuntu0.1_s390x.deb
 4677599e2df62f7ea77d2711222b56aced7e45c4b006def7738b1253cb22f427 26504 python3-pil.imagetk-dbg_7.2.0-1ubuntu0.1_s390x.deb
 a1d4927204164324848690227a1b23f92a14f8d88e4b728eabdf6dfbe685735c 8908 python3-pil.imagetk_7.2.0-1ubuntu0.1_s390x.deb
 c44a82264b9ef271a94d8f7d9d8cf2d41ca8b4afac050d186ac7a6b2d736b674 379668 python3-pil_7.2.0-1ubuntu0.1_s390x.deb
Files:
 a4953369974c4256caef09971b4b00c2 11567 python optional pillow_7.2.0-1ubuntu0.1_s390x.buildinfo
 8fb5703ee243f69d73bd3a5cc9712433 1190072 debug optional python3-pil-dbg_7.2.0-1ubuntu0.1_s390x.deb
 120cea9775495972819844b40f93c39d 26504 debug optional python3-pil.imagetk-dbg_7.2.0-1ubuntu0.1_s390x.deb
 9443ccda0b1d3b7dfe62ee2293644366 8908 python optional python3-pil.imagetk_7.2.0-1ubuntu0.1_s390x.deb
 e755dce50bfb246395bfb4ed5ffe75ce 379668 python optional python3-pil_7.2.0-1ubuntu0.1_s390x.deb
Original-Maintainer: Matthias Klose <doko@debian.org>