Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d60382a2 by Salvatore Bonaccorso at 2020-01-03T09:43:57+01:00
Add CVE-2020-531{0,1,2,3}/pillow
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,13 +1,17 @@
CVE-2020-5314
RESERVED
CVE-2020-5313 (libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer
overfl ...)
- TODO: check
+ - pillow <unfixed>
+ NOTE:
https://github.com/python-pillow/Pillow/commit/a09acd0decd8a87ccce939d5ff65dab59e7d365b
(6.2.2)
CVE-2020-5312 (libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode
buffer ...)
- TODO: check
+ - pillow <unfixed>
+ NOTE:
https://github.com/python-pillow/Pillow/commit/93b22b846e0269ee9594ff71a72bec02d2bea8fd
(6.2.2)
CVE-2020-5311 (libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI
buffer ove ...)
- TODO: check
+ - pillow <unfixed>
+ NOTE:
https://github.com/python-pillow/Pillow/commit/a79b65c47c7dc6fe623aadf09aa6192fc54548f3
(6.2.2)
CVE-2020-5310 (libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF
decoding int ...)
- TODO: check
+ - pillow <unfixed>
+ NOTE:
https://github.com/python-pillow/Pillow/commit/4e2def2539ec13e53a82e06c4b3daf00454100c4
(6.2.2)
CVE-2020-5309
RESERVED
CVE-2020-5308
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d60382a297f1c3d09cc1eb230a2f58804badb807
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d60382a297f1c3d09cc1eb230a2f58804badb807
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
