Format: 1.8 Date: Tue, 18 May 2021 07:09:08 -0400 Source: pillow Binary: python-pil-doc python3-pil python3-pil-dbg python3-pil.imagetk python3-pil.imagetk-dbg Built-For-Profiles: noudeb Architecture: all amd64 Version: 8.1.2-1ubuntu0.1 Distribution: hirsute Urgency: medium Maintainer: Launchpad Build Daemon <buildd@lcy01-amd64-017.buildd> Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com> Description: python-pil-doc - Examples for the Python Imaging Library python3-pil - Python Imaging Library (Python3) python3-pil-dbg - Python Imaging Library (Python3 debug extension) python3-pil.imagetk - Python Imaging Library - ImageTk Module (Python3) python3-pil.imagetk-dbg - Python Imaging Library - ImageTk Module (Python3 debug extension) Changes: pillow (8.1.2-1ubuntu0.1) hirsute-security; urgency=medium . * SECURITY UPDATE: OOB read in Jpeg2KDecode - debian/patches/CVE-2021-25287_8.patch: handle different widths for each band in src/libImaging/Jpeg2KDecode.c. - CVE-2021-25287 - CVE-2021-25288 * SECURITY UPDATE: DOS in PsdImagePlugin - debian/patches/CVE-2021-28675.patch: sanity check the number of input layers in Tests/test_decompression_bomb.py, Tests/test_file_apng.py, Tests/test_file_blp.py, Tests/test_file_tiff.py, src/PIL/ImageFile.py, src/PIL/PsdImagePlugin.py. - CVE-2021-28675 * SECURITY UPDATE: FLI DOS - debian/patches/CVE-2021-28676.patch: check the block advance in src/libImaging/FliDecode.c. - CVE-2021-28676 * SECURITY UPDATE: EPS DOS on _open - debian/patches/CVE-2021-28677.patch: properly handle line endings in src/PIL/EpsImagePlugin.py. - CVE-2021-28677 * SECURITY UPDATE: BLP DOS - debian/patches/CVE-2021-28678.patch: check that reads return data in src/PIL/BlpImagePlugin.py. - CVE-2021-28678 Checksums-Sha1: fe92383eeda0e0181ab6df7c220f6add40161863 13521 pillow_8.1.2-1ubuntu0.1_amd64.buildinfo 7703295c5a04882f31ee886a977f8046e565b9d6 599656 python-pil-doc_8.1.2-1ubuntu0.1_all.deb ecd43d47915a9df84d0af186ad256935bc24ab0b 1165040 python3-pil-dbg_8.1.2-1ubuntu0.1_amd64.deb dae3a0ba13b2ee184a69818b69987cbcae1f83de 25412 python3-pil.imagetk-dbg_8.1.2-1ubuntu0.1_amd64.deb 0447dcb4afe8f68e15dc0fb028452b9c70d281c0 9124 python3-pil.imagetk_8.1.2-1ubuntu0.1_amd64.deb 6c7c0a4701ebe83ebb5ae7d198b46f666f1d4ce0 380924 python3-pil_8.1.2-1ubuntu0.1_amd64.deb Checksums-Sha256: 8d4fa41705d93dc43c1e227d7b975bd8de05d8ec859a4f4f55a1e63087e2dac2 13521 pillow_8.1.2-1ubuntu0.1_amd64.buildinfo 29cd6a33e95bc4996bacfc5a0cde91e92800881fbf7eb085b085dcc295cc65bd 599656 python-pil-doc_8.1.2-1ubuntu0.1_all.deb 9568b79939632cd9684b5d5ab6bd30f41a105cf5d2f5dc060cc2664672c7b1ce 1165040 python3-pil-dbg_8.1.2-1ubuntu0.1_amd64.deb ee07903c9acb8b5b08ea6b4db3ce4d8e13fc041529b2833773263d2165f318d9 25412 python3-pil.imagetk-dbg_8.1.2-1ubuntu0.1_amd64.deb 1b86e3600b4ba964e7b66580379411036439539718cbafb5bc5dc541d3c43d98 9124 python3-pil.imagetk_8.1.2-1ubuntu0.1_amd64.deb 2cfd3e2ab63004c8588510c86ef03fc383e22541a7fd618141f80573705aa07a 380924 python3-pil_8.1.2-1ubuntu0.1_amd64.deb Files: 451d27c00ea0cfcb779e1a63129c1627 13521 python optional pillow_8.1.2-1ubuntu0.1_amd64.buildinfo 333baf967b7007ce8dec249d09dedc80 599656 doc optional python-pil-doc_8.1.2-1ubuntu0.1_all.deb 5a2818ff94f09e732b5ac869a0f9ba9e 1165040 debug optional python3-pil-dbg_8.1.2-1ubuntu0.1_amd64.deb 7e5a59afe813878f38035170250f5478 25412 debug optional python3-pil.imagetk-dbg_8.1.2-1ubuntu0.1_amd64.deb f0974d803aeb1fbee66847e8caba6e81 9124 python optional python3-pil.imagetk_8.1.2-1ubuntu0.1_amd64.deb 1862220cb3422e4de8c9aeddc1a9f009 380924 python optional python3-pil_8.1.2-1ubuntu0.1_amd64.deb Original-Maintainer: Matthias Klose <doko@debian.org>