Your message dated Tue, 20 Jul 2021 17:53:18 +0200
with message-id
<cam8zjqsfzvxfbrca8bdhpuhr3fsmecwtkdvmr3b3qwaje28...@mail.gmail.com>
and subject line Re: Bug#991298: unblock: pillow/8.1.2+dfsg-0.3
has caused the Debian Bug report #991298,
regarding unblock: pillow/8.1.2+dfsg-0.3
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
991298: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991298
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: [email protected]
Usertags: unblock
Please unblock package pillow
8.1.2+dfsg-0.3 includes fix for CVE-2021-34552
unblock pillow/8.1.2+dfsg-0.3
diffstat for pillow-8.1.2+dfsg pillow-8.1.2+dfsg
changelog | 8 ++++++++
patches/CVE-2021-34552.patch | 40 ++++++++++++++++++++++++++++++++++++++++
patches/series | 1 +
3 files changed, 49 insertions(+)
diff -Nru pillow-8.1.2+dfsg/debian/changelog pillow-8.1.2+dfsg/debian/changelog
--- pillow-8.1.2+dfsg/debian/changelog 2021-06-13 17:11:04.000000000 +0100
+++ pillow-8.1.2+dfsg/debian/changelog 2021-07-19 09:52:20.000000000 +0100
@@ -1,3 +1,11 @@
+pillow (8.1.2+dfsg-0.3) unstable; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * CVE-2021-34552 - Replace sprintf with snprintf. Backport upstream change
+ from 8.3 to 8.1.
+
+ -- Neil Williams <[email protected]> Mon, 19 Jul 2021 09:52:20 +0100
+
pillow (8.1.2+dfsg-0.2) unstable; urgency=medium
* Non-maintainer upload.
diff -Nru pillow-8.1.2+dfsg/debian/patches/CVE-2021-34552.patch
pillow-8.1.2+dfsg/debian/patches/CVE-2021-34552.patch
--- pillow-8.1.2+dfsg/debian/patches/CVE-2021-34552.patch 1970-01-01
01:00:00.000000000 +0100
+++ pillow-8.1.2+dfsg/debian/patches/CVE-2021-34552.patch 2021-07-19
09:51:59.000000000 +0100
@@ -0,0 +1,40 @@
+From 5f4504bb03f4edeeef8c2633dc5ba03a4c2a8a97 Mon Sep 17 00:00:00 2001
+From: Andrew Murray <[email protected]>
+Date: Tue, 15 Jun 2021 15:14:26 +1000
+Subject: [PATCH 1/2] Limit sprintf modes to 10 characters
+
+From 518ee3722a99d7f7d890db82a20bd81c1c0327fb Mon Sep 17 00:00:00 2001
+From: Andrew Murray <[email protected]>
+Date: Wed, 30 Jun 2021 23:47:10 +1000
+Subject: [PATCH 2/2] Use snprintf instead of sprintf
+
+* https://github.com/python-pillow/Pillow/pull/5567/files
+* Replace sprintf with snprintf in src/libImaging/Convert.c
+
+---
+--- a/src/libImaging/Convert.c
++++ b/src/libImaging/Convert.c
+@@ -1664,9 +1664,8 @@
+ #ifdef notdef
+ return (Imaging) ImagingError_ValueError("conversion not supported");
+ #else
+- static char buf[256];
+- /* FIXME: may overflow if mode is too large */
+- sprintf(buf, "conversion from %s to %s not supported", imIn->mode,
mode);
++ static char buf[100];
++ snprintf(buf, 100, "conversion from %.10s to %.10s not supported",
imIn->mode, mode);
+ return (Imaging) ImagingError_ValueError(buf);
+ #endif
+ }
+@@ -1724,9 +1723,8 @@
+ }
+ #else
+ {
+- static char buf[256];
+- /* FIXME: may overflow if mode is too large */
+- sprintf(buf, "conversion from %s to %s not supported in
convert_transparent", imIn->mode, mode);
++ static char buf[100];
++ snprintf(buf, 100, "conversion from %.10s to %.10s not supported in
convert_transparent", imIn->mode, mode);
+ return (Imaging) ImagingError_ValueError(buf);
+ }
+ #endif
diff -Nru pillow-8.1.2+dfsg/debian/patches/series
pillow-8.1.2+dfsg/debian/patches/series
--- pillow-8.1.2+dfsg/debian/patches/series 2021-06-13 17:10:51.000000000
+0100
+++ pillow-8.1.2+dfsg/debian/patches/series 2021-07-19 09:45:27.000000000
+0100
@@ -7,3 +7,4 @@
CVE-2021-28676.patch
CVE-2021-28677.patch
CVE-2021-28678.patch
+CVE-2021-34552.patch
--- End Message ---
--- Begin Message ---
Unblocked.
--- End Message ---
