Bug#948224: pillow: CVE-2020-5310 CVE-2020-5311 CVE-2020-5312 CVE-2020-5313

2020-02-13 Thread Robert Scott
FWIW, I'm fairly convinced that the first vulnerable version for CVE-2020-5310 is 6.0.0, which is the first release that included https://github.com/python-pillow/Pillow/commit/e91b851fdc1c914419543f485bdbaa010790719f, which introduced the overflow when switching away from the safer TIFFTileSize.
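The bug class behind this message, as an added illustration that is not Pillow's code and not the TiffDecode.c change the commit above actually made: a tile size hand-computed from 32-bit header fields wraps, while a checked computation refuses the same geometry. The function names and the tile geometries are constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/*
 * Illustrative tile-size arithmetic written for this thread. It is NOT the
 * code in Pillow's libImaging/TiffDecode.c. The geometry values used below
 * are constructed so that the product wraps in 32-bit arithmetic.
 */

/* Hand-rolled stand-in for libtiff's TIFFTileSize(): all three header
 * fields are uint32_t, so the product is formed in 32 bits and silently
 * wraps. 65536 * 65537 * 1 = 0x100010000, which truncates to 0x10000. */
uint32_t tile_bytes_unchecked(uint32_t tile_width, uint32_t tile_length,
                              uint32_t bytes_per_pixel)
{
    return tile_width * tile_length * bytes_per_pixel;
}

/* Checked variant: promote to size_t, test each multiplication against
 * SIZE_MAX before performing it, reject zero dimensions and anything above
 * a caller-supplied ceiling. Returns 0 on success and stores the size in
 * *out; returns -1 if the geometry is rejected. */
int tile_bytes_checked(uint32_t tile_width, uint32_t tile_length,
                       uint32_t bytes_per_pixel, size_t max_bytes, size_t *out)
{
    size_t w = tile_width, h = tile_length, bpp = bytes_per_pixel;
    size_t area, total;

    if (w == 0 || h == 0 || bpp == 0)
        return -1;
    if (w > SIZE_MAX / h)            /* w * h would exceed SIZE_MAX */
        return -1;
    area = w * h;
    if (area > SIZE_MAX / bpp)       /* area * bpp would exceed SIZE_MAX */
        return -1;
    total = area * bpp;
    if (total > max_bytes)           /* representable, but absurd */
        return -1;

    *out = total;
    return 0;
}

/* Convenience wrapper for the checked path: the size, or 0 when rejected
 * (0 is never a valid size because zero dimensions are refused). */
size_t tile_bytes_or_zero(uint32_t tile_width, uint32_t tile_length,
                          uint32_t bytes_per_pixel, size_t max_bytes)
{
    size_t n;
    if (tile_bytes_checked(tile_width, tile_length, bytes_per_pixel,
                           max_bytes, &n) != 0)
        return 0;
    return n;
}

int main(void)
{
    /* Constructed geometries: one benign, one crafted to wrap. */
    const size_t ceiling = (size_t)1 << 30;   /* 1 GiB per tile is plenty */

    printf("256x256x4     unchecked=%u checked=%zu\n",
           tile_bytes_unchecked(256, 256, 4),
           tile_bytes_or_zero(256, 256, 4, ceiling));
    /* Unchecked reports 65536 bytes; a decoder trusting that would allocate
     * 64 KiB and then write the real 4 GiB of tile data into it. */
    printf("65536x65537x1 unchecked=%u checked=%zu (0 = rejected)\n",
           tile_bytes_unchecked(65536, 65537, 1),
           tile_bytes_or_zero(65536, 65537, 1, ceiling));
    return 0;
}
```

The division-based checks are portable C; on GCC and Clang the same thing is more readable with `__builtin_mul_overflow`. The thread's point is that delegating to libtiff's TIFFTileSize sidesteps this arithmetic entirely, so the safer fix is to keep that call rather than to reimplement it.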

Bug#948224: pillow: CVE-2020-5310 CVE-2020-5311 CVE-2020-5312 CVE-2020-5313

2020-01-05 Thread Salvatore Bonaccorso
Control: found -1 6.2.1-2
Control: retitle pillow: CVE-2019-19911 CVE-2020-5310 CVE-2020-5311 CVE-2020-5312 CVE-2020-5313

Hi,

On Sun, Jan 05, 2020 at 04:30:36PM +0100, Markus Koschany wrote:
> The following vulnerabilities were published for pillow. It appears they
> are fixed in version 6.2.2.

Bug#948224: pillow: CVE-2020-5310 CVE-2020-5311 CVE-2020-5312 CVE-2020-5313

2020-01-05 Thread Markus Koschany
Package: pillow
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerabilities were published for pillow. It appears they are fixed in version 6.2.2.

CVE-2020-5310[0]:
| libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding
| integer overflow