Format: 1.8
Date: Wed, 12 Jan 2022 13:21:48 -0500
Source: pillow
Binary: python-pil python-pil-dbg python-pil.imagetk python-pil.imagetk-dbg python3-pil python3-pil-dbg python3-pil.imagetk python3-pil.imagetk-dbg python-pil-doc
Architecture: arm64
Version: 5.1.0-1ubuntu0.7
Distribution: bionic
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-arm64-034.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 python-pil - Python Imaging Library (Pillow fork)
 python-pil-dbg - Python Imaging Library (debug extension)
 python-pil-doc - Examples for the Python Imaging Library
 python-pil.imagetk - Python Imaging Library - ImageTk Module (Pillow fork)
 python-pil.imagetk-dbg - Python Imaging Library - ImageTk Module (debug extension)
 python3-pil - Python Imaging Library (Python3)
 python3-pil-dbg - Python Imaging Library (Python3 debug extension)
 python3-pil.imagetk - Python Imaging Library - ImageTk Module (Python3)
 python3-pil.imagetk-dbg - Python Imaging Library - ImageTk Module (Python3 debug extension)
Changes:
 pillow (5.1.0-1ubuntu0.7) bionic-security; urgency=medium
 .
   * SECURITY UPDATE: regular expression DoS
     - debian/patches/CVE-2021-23437.patch: raise ValueError if color
       specifier is too long in Tests/test_imagecolor.py,
       src/PIL/ImageColor.py.
     - CVE-2021-23437
   * SECURITY UPDATE: Dos via buffer overflow
     - debian/patches/CVE-2021-34552.patch: limit sprintf modes to 10
       characters in src/libImaging/Convert.c.
     - CVE-2021-34552
   * SECURITY UPDATE: improper initialization
     - debian/patches/CVE-2022-22815.patch: initialize coordinates to zero
       in src/path.c.
     - CVE-2022-22815
   * SECURITY UPDATE: buffer over-read during initialization
     - debian/patches/CVE-2022-22816.patch: handle case where path count is
       zero in src/path.c.
     - CVE-2022-22816
   * SECURITY UPDATE: evaluation of arbitrary expressions
     - debian/patches/CVE-2022-22817.patch: restrict builtins for
       ImageMath.eval in Tests/test_imagemath.py, src/PIL/ImageMath.py.
     - CVE-2022-22817
Checksums-Sha1:
 b78fb92d5d149c8b922f568cab085e7b91c91087 12272 pillow_5.1.0-1ubuntu0.7_arm64.buildinfo
 c598538cfdb9aa242b8b8ecd6c57e2835fdfb2b0 478960 python-pil-dbg_5.1.0-1ubuntu0.7_arm64.deb
 543f6cbab8d57a495224348b49cf084e463499c5 25564 python-pil.imagetk-dbg_5.1.0-1ubuntu0.7_arm64.deb
 46542d539e55dd75055f957cd92d15df605e3c68 8096 python-pil.imagetk_5.1.0-1ubuntu0.7_arm64.deb
 e308869313a23426289b4d3c00cf9bf87c828626 278596 python-pil_5.1.0-1ubuntu0.7_arm64.deb
 a4b3fa2cc9909a29a29ecea61a757ec4fe7d0c68 948104 python3-pil-dbg_5.1.0-1ubuntu0.7_arm64.deb
 698e6a66d1ce4afdd992a6c194159ad43fe2c27c 36600 python3-pil.imagetk-dbg_5.1.0-1ubuntu0.7_arm64.deb
 066a4220c0d6a8c7589b8abc4957d3065fe20883 8352 python3-pil.imagetk_5.1.0-1ubuntu0.7_arm64.deb
 c2d9259e9b8cc072098b975535b82389d42a35a4 303112 python3-pil_5.1.0-1ubuntu0.7_arm64.deb
Checksums-Sha256:
 3360b4d29fcbd36364adf9056a33609b5591ba3721d5e5ff56261bce13a04622 12272 pillow_5.1.0-1ubuntu0.7_arm64.buildinfo
 5dc3947e5717e3cedbff002556ada82c863c571c72f63632bd4988245329084e 478960 python-pil-dbg_5.1.0-1ubuntu0.7_arm64.deb
 f8d8cdf0a4506f941853c332b90d19ee4bf2fc2430fd212dd81a5ebd900ad186 25564 python-pil.imagetk-dbg_5.1.0-1ubuntu0.7_arm64.deb
 a69e7d053cc06be261a1f7b775511db636fa35bf3e7b913a01f01575596621c9 8096 python-pil.imagetk_5.1.0-1ubuntu0.7_arm64.deb
 049f69f22a2590e561950c2d9d07068e2ce4732222e0008d2ddb86516faade95 278596 python-pil_5.1.0-1ubuntu0.7_arm64.deb
 cafb5a2aab2d6c95a823bd27ea098775fa77a41522db18faa1887a7c213fc4ca 948104 python3-pil-dbg_5.1.0-1ubuntu0.7_arm64.deb
 40a69e53bac582df1d4490dc55083bacbf644cc38d18ec6322ad8b0469f23fa4 36600 python3-pil.imagetk-dbg_5.1.0-1ubuntu0.7_arm64.deb
 264c79724383bf8080ca63e5f85aa439dedbc820d2fcb85100622d80f3374ffd 8352 python3-pil.imagetk_5.1.0-1ubuntu0.7_arm64.deb
 c03703be93226c4092610ed12444f0c6cd77b7f375c06a9f5de4a37147499f47 303112 python3-pil_5.1.0-1ubuntu0.7_arm64.deb
Files:
 d60d6615f27bf8276feef6cc0defb757 12272 python optional pillow_5.1.0-1ubuntu0.7_arm64.buildinfo
 7f9f30b2c4a0ee357402b79d0d3a6a07 478960 debug optional python-pil-dbg_5.1.0-1ubuntu0.7_arm64.deb
 09b2f9a2d376a072622c31646e505dc1 25564 debug optional python-pil.imagetk-dbg_5.1.0-1ubuntu0.7_arm64.deb
 737cb116f1637a3015f5a0a868df3c02 8096 python optional python-pil.imagetk_5.1.0-1ubuntu0.7_arm64.deb
 24987a96916b788f9d797a0fd63c6633 278596 python optional python-pil_5.1.0-1ubuntu0.7_arm64.deb
 2ee89efa63d6db212fd7ad6de38e38ba 948104 debug optional python3-pil-dbg_5.1.0-1ubuntu0.7_arm64.deb
 317a8ef262289aece73b0fe20d357b99 36600 debug optional python3-pil.imagetk-dbg_5.1.0-1ubuntu0.7_arm64.deb
 c7c3d13a4ff231c1e4c7f034c9712380 8352 python optional python3-pil.imagetk_5.1.0-1ubuntu0.7_arm64.deb
 65426507e3992beed0ad4ed31fd7eeb2 303112 python optional python3-pil_5.1.0-1ubuntu0.7_arm64.deb
Original-Maintainer: Matthias Klose <doko@debian.org>