Format: 1.8
Date: Wed, 12 Jan 2022 13:21:48 -0500
Source: pillow
Binary: python-pil python-pil-dbg python-pil.imagetk python-pil.imagetk-dbg python3-pil python3-pil-dbg python3-pil.imagetk python3-pil.imagetk-dbg python-pil-doc
Architecture: amd64 all
Version: 5.1.0-1ubuntu0.7
Distribution: bionic
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lgw01-amd64-041.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 python-pil - Python Imaging Library (Pillow fork)
 python-pil-dbg - Python Imaging Library (debug extension)
 python-pil-doc - Examples for the Python Imaging Library
 python-pil.imagetk - Python Imaging Library - ImageTk Module (Pillow fork)
 python-pil.imagetk-dbg - Python Imaging Library - ImageTk Module (debug extension)
 python3-pil - Python Imaging Library (Python3)
 python3-pil-dbg - Python Imaging Library (Python3 debug extension)
 python3-pil.imagetk - Python Imaging Library - ImageTk Module (Python3)
 python3-pil.imagetk-dbg - Python Imaging Library - ImageTk Module (Python3 debug extension)
Changes:
 pillow (5.1.0-1ubuntu0.7) bionic-security; urgency=medium
 .
   * SECURITY UPDATE: regular expression DoS
     - debian/patches/CVE-2021-23437.patch: raise ValueError if color
       specifier is too long in Tests/test_imagecolor.py,
       src/PIL/ImageColor.py.
     - CVE-2021-23437
   * SECURITY UPDATE: Dos via buffer overflow
     - debian/patches/CVE-2021-34552.patch: limit sprintf modes to 10
       characters in src/libImaging/Convert.c.
     - CVE-2021-34552
   * SECURITY UPDATE: improper initialization
     - debian/patches/CVE-2022-22815.patch: initialize coordinates to zero
       in src/path.c.
     - CVE-2022-22815
   * SECURITY UPDATE: buffer over-read during initialization
     - debian/patches/CVE-2022-22816.patch: handle case where path count is
       zero in src/path.c.
     - CVE-2022-22816
   * SECURITY UPDATE: evaluation of arbitrary expressions
     - debian/patches/CVE-2022-22817.patch: restrict builtins for
       ImageMath.eval in Tests/test_imagemath.py, src/PIL/ImageMath.py.
     - CVE-2022-22817
Checksums-Sha1:
 3c54e687f9c2870053c62356b8823d781427e1e3 13735 pillow_5.1.0-1ubuntu0.7_amd64.buildinfo
 88a886743bcf7054af00be03077cb2a381ce4f08 493132 python-pil-dbg_5.1.0-1ubuntu0.7_amd64.deb
 90b4d4eb1e42b0793edf920cf78c8a93183d1a03 368568 python-pil-doc_5.1.0-1ubuntu0.7_all.deb
 5aaaf94dbc10dafa594d11a44f87398ef32927b3 25472 python-pil.imagetk-dbg_5.1.0-1ubuntu0.7_amd64.deb
 5b11f62f0236f326b3ac6eaf56a62536fc724f8c 8376 python-pil.imagetk_5.1.0-1ubuntu0.7_amd64.deb
 c8bfd4226cd876b836b724cb19bda468052f2dc9 302516 python-pil_5.1.0-1ubuntu0.7_amd64.deb
 d79e2bb89e32e9c218fb261509b151c58c399871 955292 python3-pil-dbg_5.1.0-1ubuntu0.7_amd64.deb
 473bd9d0bdd8c4cad2bab47a4436faf0bb7f2378 36084 python3-pil.imagetk-dbg_5.1.0-1ubuntu0.7_amd64.deb
 43f2818d2ac539c93f3426e2db9a224e8fbac6c7 8676 python3-pil.imagetk_5.1.0-1ubuntu0.7_amd64.deb
 e285cb1e485f4fcd1a2541876bfb0fe8991d668b 331020 python3-pil_5.1.0-1ubuntu0.7_amd64.deb
Checksums-Sha256:
 efb11b4c8294c8521a615e9f8c096b765e9f69678de047547e775f21e13fc20b 13735 pillow_5.1.0-1ubuntu0.7_amd64.buildinfo
 e6f2f5d1d611cfa0e1451fc3c116ee470825ea79f065771f25678be7334f75fb 493132 python-pil-dbg_5.1.0-1ubuntu0.7_amd64.deb
 f6cc88bdb1a8c9a62c9869622702fad97dac980790da2b604e251a3459102fe7 368568 python-pil-doc_5.1.0-1ubuntu0.7_all.deb
 f4062909d070bc6c3f3b6c8cd4f39cae0319f1d4fe04210e14268eed7d4b0aeb 25472 python-pil.imagetk-dbg_5.1.0-1ubuntu0.7_amd64.deb
 d25138b76cdadde9d69d34aa24a5cd3f06de8a315b737986a7988aa88b29453e 8376 python-pil.imagetk_5.1.0-1ubuntu0.7_amd64.deb
 40458196fdd13de14ecdaad9e9237200234b823f9591ec0f5f599c9b1e12252a 302516 python-pil_5.1.0-1ubuntu0.7_amd64.deb
 1ab720ac1bfb272afceafb489e1227d8050359bed48921a02099725285b79119 955292 python3-pil-dbg_5.1.0-1ubuntu0.7_amd64.deb
 87d7bb7dc566463e5d9dccf8dfadc04b8473cd0c168d77e1db236d88163bbfed 36084 python3-pil.imagetk-dbg_5.1.0-1ubuntu0.7_amd64.deb
 f43c2d4c85638318ab37b67822d42b080a15ff69270723f0e1af53312b778302 8676 python3-pil.imagetk_5.1.0-1ubuntu0.7_amd64.deb
 656127c6ca57679dbc4bc39a51db71a1f6729a55b405fb638c499f4b11ad021b 331020 python3-pil_5.1.0-1ubuntu0.7_amd64.deb
Files:
 aefbce1011c7a45f04c5a498017cd931 13735 python optional pillow_5.1.0-1ubuntu0.7_amd64.buildinfo
 6d1a6b3ab676b021365466e0db54b4a9 493132 debug optional python-pil-dbg_5.1.0-1ubuntu0.7_amd64.deb
 2b66239fb50e9b8a3595306f273708fe 368568 doc optional python-pil-doc_5.1.0-1ubuntu0.7_all.deb
 550aadb4dbb25d2013b40251dca96e1e 25472 debug optional python-pil.imagetk-dbg_5.1.0-1ubuntu0.7_amd64.deb
 5455c7f9766b2c98d0b1c8394b19e35b 8376 python optional python-pil.imagetk_5.1.0-1ubuntu0.7_amd64.deb
 57f4ef5917efcfa2d5579b1e5fe03b58 302516 python optional python-pil_5.1.0-1ubuntu0.7_amd64.deb
 da4fc19e0127b3e4e4faea816a21476a 955292 debug optional python3-pil-dbg_5.1.0-1ubuntu0.7_amd64.deb
 908d38de67aa8bb1a8b7c4a72fede4dd 36084 debug optional python3-pil.imagetk-dbg_5.1.0-1ubuntu0.7_amd64.deb
 14a8d3a7565445965ccca459a7bfc553 8676 python optional python3-pil.imagetk_5.1.0-1ubuntu0.7_amd64.deb
 2030098bf7baec4b5097693e500d21f8 331020 python optional python3-pil_5.1.0-1ubuntu0.7_amd64.deb
Original-Maintainer: Matthias Klose <doko@debian.org>