-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2893-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort January 23, 2022 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : pillow Version : 4.0.0-4+deb9u4 CVE ID : CVE-2022-22815 CVE-2022-22816 CVE-2022-22817 Multiple security issues were discovered in Pillow, a Python imaging library, which could result in denial of service and potentially the execution of arbitrary code if malformed images are processed. For Debian 9 stretch, these problems have been fixed in version 4.0.0-4+deb9u4. We recommend that you upgrade your pillow packages. For the detailed security status of pillow please refer to its security tracker page at: https://security-tracker.debian.org/tracker/pillow Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmHtpVIACgkQnUbEiOQ2 gwJE8Q//VtB8hWMGokJyGDClqcHMOGGg1wQTMzuatgE1B0X5hB+vgeUIq1Lb12Fj 3wzy4yzk3bSNfdqXt4aIU8cN23JYvnh3zS8jFHCfqKjPLlS2r9qCnQBrdL5LgN77 /vZeiQv+LAJZ4WW4phkaW4QOPTvg6T2mU3wVBz0FxUEp8zVNa1+acL7LSFocfmnK yWvS4AQv2VDOgH02qcgJrMH3Cnw2twrfGuv0N81uARN4MQb0cG3f1YiAF9hGqd4R wVCi4rVjmuX9O8Bo8CQxnbyGkN8X+TH5ROxWgZBECxS2MgjRi5VfnE/fQS1h47ZT Rfuc/x8rOgiXnYDuxRaQy4WSBPJZ9g+SSzEKiDl48N/sITMOHmjH9UrUAfh+ofIk w5MfYf5hCX7Xkxrz4FIhDuQYm7d8zyY4ZJB2Q9SjjFbotGCYpBJfLakJsNQ21K+j U3Ok2xSbBmhWe8yE8/wSEDC3RktvV7zXr/EVwsIIBSitr82tV/gkzRtiQUT3K17b EVAjnLy+qcB+zQuAs8I3EN8AvYo5cwBCX7aCum+Mw8WICxsbuciVkZY7ezRUXzqT ZTkZUIElsrXceiKpT8f8r4D5sXfL7KtUkzHfFXlRBq1QPlcalRWDuHCsPX+SH7kC //+KQy3wbRLZ61Kvg+XxpSsyHwJ4JP7cZ92yNzLA4mx+9dLO1Nw= =UNCB -----END PGP SIGNATURE-----
