Format: 1.8
Date: Wed, 10 Mar 2021 12:41:13 -0500
Source: pillow
Binary: python3-pil python3-pil-dbg python3-pil.imagetk python3-pil.imagetk-dbg
Architecture: s390x
Version: 7.2.0-1ubuntu0.2
Distribution: groovy
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-s390x-015.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 python3-pil - Python Imaging Library (Python3)
 python3-pil-dbg - Python Imaging Library (Python3 debug extension)
 python3-pil.imagetk - Python Imaging Library - ImageTk Module (Python3)
 python3-pil.imagetk-dbg - Python Imaging Library - ImageTk Module (Python3 debug extension)
Changes:
 pillow (7.2.0-1ubuntu0.2) groovy-security; urgency=medium
 .
   * SECURITY UPDATE: insufficient fix for CVE-2020-35654
     - debian/patches/CVE-2021-25289.patch: improve return code check in
       src/libImaging/TiffDecode.c.
     - CVE-2021-25289
   * SECURITY UPDATE: negative-offset memcpy with an invalid size
     - debian/patches/CVE-2021-25290.patch: add extra check to
       src/libImaging/TiffDecode.c.
     - CVE-2021-25290
   * SECURITY UPDATE: invalid tile boundaries could lead to an OOB Read
     - debian/patches/CVE-2021-25291.patch: check tile validity in
       src/libImaging/TiffDecode.c.
     - CVE-2021-25291
   * SECURITY UPDATE: DoS via backtrack regex
     - debian/patches/CVE-2021-25292.patch: use more specific regex in
       src/PIL/PdfParser.py.
     - CVE-2021-25292
   * SECURITY UPDATE: Out of Bounds Read
     - debian/patches/CVE-2021-25293.patch: add more checks to
       src/libImaging/SgiRleDecode.c.
     - CVE-2021-25293
   * SECURITY UPDATE: DoS via invalid reported size
     - debian/patches/CVE-2021-2792x.patch: check reported sizes in
       src/PIL/BlpImagePlugin.py, src/PIL/IcnsImagePlugin.py,
       src/PIL/IcoImagePlugin.py.
     - CVE-2021-27921
     - CVE-2021-27922
     - CVE-2021-27923
Checksums-Sha1:
 bab74acd0a6489fc7da016f3cd33c4a4839920f7 11739 pillow_7.2.0-1ubuntu0.2_s390x.buildinfo
 2c7c5e58dcc676637850097a78ddec475093fa9f 1191140 python3-pil-dbg_7.2.0-1ubuntu0.2_s390x.deb
 e9257c31b65cd351c11066d37e17fd9ddcc1b831 26504 python3-pil.imagetk-dbg_7.2.0-1ubuntu0.2_s390x.deb
 1382d2876cb8c161499068d6bd42dab1b3c8e41c 8908 python3-pil.imagetk_7.2.0-1ubuntu0.2_s390x.deb
 b7667b8870da1c0544946fb116c7ad968e3c478c 379892 python3-pil_7.2.0-1ubuntu0.2_s390x.deb
Checksums-Sha256:
 25aa80a4320509d6e0281838c23a93314786e64d7a135b26b0a28c3cce7777f2 11739 pillow_7.2.0-1ubuntu0.2_s390x.buildinfo
 6746954da11d46d7f2d824dd79e12438681e7e1adeee8638b0b0788f1abf153f 1191140 python3-pil-dbg_7.2.0-1ubuntu0.2_s390x.deb
 f56a2e29ebfe4957d8cb37be206df1752aea9ecb380313a1ca5d1e0596daeb2c 26504 python3-pil.imagetk-dbg_7.2.0-1ubuntu0.2_s390x.deb
 1ff36121bb5ed2e6b61a76cefbbf3b43c12479d4bcd5484d8ca290121b5c463a 8908 python3-pil.imagetk_7.2.0-1ubuntu0.2_s390x.deb
 3018069497aaef17665c9a51d8c5ec112d826d5f3ea7318040a8d518e38823ce 379892 python3-pil_7.2.0-1ubuntu0.2_s390x.deb
Files:
 0c8d88fb78d104264f6ca0eb448ec634 11739 python optional pillow_7.2.0-1ubuntu0.2_s390x.buildinfo
 21a65d3818f5e0a0a34e9189e197fc03 1191140 debug optional python3-pil-dbg_7.2.0-1ubuntu0.2_s390x.deb
 504ebec452986951c430d060590d65b9 26504 debug optional python3-pil.imagetk-dbg_7.2.0-1ubuntu0.2_s390x.deb
 8be0fd27301174b56d1e9f04c1093d40 8908 python optional python3-pil.imagetk_7.2.0-1ubuntu0.2_s390x.deb
 57e2ce51498ff036bffb66900a99f686 379892 python optional python3-pil_7.2.0-1ubuntu0.2_s390x.deb
Original-Maintainer: Matthias Klose <doko@debian.org>