Format: 1.8 Date: Wed, 10 Mar 2021 13:01:32 -0500 Source: pillow Binary: python-pil python-pil-dbg python-pil.imagetk python-pil.imagetk-dbg python3-pil python3-pil-dbg python3-pil.imagetk python3-pil.imagetk-dbg python-pil-doc Architecture: armhf Version: 5.1.0-1ubuntu0.5 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: python-pil - Python Imaging Library (Pillow fork) python-pil-dbg - Python Imaging Library (debug extension) python-pil-doc - Examples for the Python Imaging Library python-pil.imagetk - Python Imaging Library - ImageTk Module (Pillow fork) python-pil.imagetk-dbg - Python Imaging Library - ImageTk Module (debug extension) python3-pil - Python Imaging Library (Python3) python3-pil-dbg - Python Imaging Library (Python3 debug extension) python3-pil.imagetk - Python Imaging Library - ImageTk Module (Python3) python3-pil.imagetk-dbg - Python Imaging Library - ImageTk Module (Python3 debug extension) Changes: pillow (5.1.0-1ubuntu0.5) bionic-security; urgency=medium . * SECURITY UPDATE: negative-offset memcpy with an invalid size - debian/patches/CVE-2021-25290.patch: add extra check to src/libImaging/TiffDecode.c. - CVE-2021-25290 * SECURITY UPDATE: DoS via backtrack regex - debian/patches/CVE-2021-25292.patch: use more specific regex in src/PIL/PdfParser.py. - CVE-2021-25292 * SECURITY UPDATE: Out of Bounds Read - debian/patches/CVE-2021-25293.patch: add more checks to src/libImaging/SgiRleDecode.c. - CVE-2021-25293 * SECURITY UPDATE: DoS via invalid reported size - debian/patches/CVE-2021-2792x.patch: check reported sizes in src/PIL/BlpImagePlugin.py, src/PIL/IcnsImagePlugin.py, src/PIL/IcoImagePlugin.py. - CVE-2021-27921 - CVE-2021-27922 - CVE-2021-27923 Checksums-Sha1: 8e1c7f2f71790fdd7310e33bc28e4dcca2ab59d5 12125 pillow_5.1.0-1ubuntu0.5_armhf.buildinfo 7115351828a98035be13117a9895b07a73184560 489016 python-pil-dbg_5.1.0-1ubuntu0.5_armhf.deb 8b3718e33578cab1032a65ded4a54f36446fae85 25708 python-pil.imagetk-dbg_5.1.0-1ubuntu0.5_armhf.deb 75002ad252b3695b6ad92328ddafbc21206cffc8 8156 python-pil.imagetk_5.1.0-1ubuntu0.5_armhf.deb bf78b90fb9b295563baf6525a61665ab87dbbe3f 280268 python-pil_5.1.0-1ubuntu0.5_armhf.deb 5764e7aa36e984afcd0245910cb3eec37e0c61ba 922644 python3-pil-dbg_5.1.0-1ubuntu0.5_armhf.deb 1317fe55d5c6f395caa14f35ba342ae756c675d1 35748 python3-pil.imagetk-dbg_5.1.0-1ubuntu0.5_armhf.deb d7c055b9aff4cb029573f87ff9caa544a8fc1b30 8252 python3-pil.imagetk_5.1.0-1ubuntu0.5_armhf.deb 6453ce59cd0a887481564a1c08ac1026b813e187 302204 python3-pil_5.1.0-1ubuntu0.5_armhf.deb Checksums-Sha256: 9b383fa2bd9711d483912bd28f872097e86309a844c09295288fabfaba77b93a 12125 pillow_5.1.0-1ubuntu0.5_armhf.buildinfo db4e5728e6269dc5c9a0d7db083111f92de7bbcac9d530e3288e23b37b8d0a23 489016 python-pil-dbg_5.1.0-1ubuntu0.5_armhf.deb 4372dc3ca19781e83eb02f072c6314f680e096b21ca224213a1df3c3f7209805 25708 python-pil.imagetk-dbg_5.1.0-1ubuntu0.5_armhf.deb c649297c1f6595418d48507b4cdf7a54b07ec037f98f280daf89136a995933dd 8156 python-pil.imagetk_5.1.0-1ubuntu0.5_armhf.deb 11133ef55cd14b5d968146fbd451636a7a5507e5cc6a4fcfafc8026b2f243d7d 280268 python-pil_5.1.0-1ubuntu0.5_armhf.deb accfcd5a666a918fef8f7029b2762cf18217e502bed0f0ca83ec48a160dbc786 922644 python3-pil-dbg_5.1.0-1ubuntu0.5_armhf.deb 60ba18ac7163440cc37adfd74952729f2a0d471396b34d3646a47a4c3d54c414 35748 python3-pil.imagetk-dbg_5.1.0-1ubuntu0.5_armhf.deb 353eea291be429d4cf041a139591b853d589e17fde56a46d6d713fe67373f8ea 8252 python3-pil.imagetk_5.1.0-1ubuntu0.5_armhf.deb 8a9764e2a7f4aae74b4d4fdf292d0f8268a1806e70365b5d2c541c874d16d945 302204 python3-pil_5.1.0-1ubuntu0.5_armhf.deb Files: aa2d8a67da46065ed77dc55611cf9065 12125 python optional pillow_5.1.0-1ubuntu0.5_armhf.buildinfo c75f6c6340874bc20099f7a23b3f9d34 489016 debug optional python-pil-dbg_5.1.0-1ubuntu0.5_armhf.deb 11fb551409223a00a7677fc767009eff 25708 debug optional python-pil.imagetk-dbg_5.1.0-1ubuntu0.5_armhf.deb 9c7b1d29b6b01d478fee347072780669 8156 python optional python-pil.imagetk_5.1.0-1ubuntu0.5_armhf.deb 9d0c982d7a427af5655b9832e1a7d7a3 280268 python optional python-pil_5.1.0-1ubuntu0.5_armhf.deb 0f08427554d2824cc6cadf730b2367b7 922644 debug optional python3-pil-dbg_5.1.0-1ubuntu0.5_armhf.deb 5876521c4bdbb382852b2757d88c9c13 35748 debug optional python3-pil.imagetk-dbg_5.1.0-1ubuntu0.5_armhf.deb 4e6e840378c050cf1261590db123ba83 8252 python optional python3-pil.imagetk_5.1.0-1ubuntu0.5_armhf.deb 6a5ca972d4d312a6a11fa5d4bc5868ee 302204 python optional python3-pil_5.1.0-1ubuntu0.5_armhf.deb Original-Maintainer: Matthias Klose