pillow (2.3.0-1ubuntu3.2) trusty-security; urgency=medium
* SECURITY UPDATE: buffer overflow in ImagingFliDecode()
- debian/patches/pillow-CVE-2016-0775.patch: correct memcpy location
- Thanks to Eric Soroos for finding and fixing this issue.
- CVE-2016-0775
* SECURITY UPDATE: buffer overflow in ImagingLibTiffDecode
- debian/patches/pillow-CVE-2016-0740.patch: correct type of size to
match that returned by libtiff
- Thanks to Eric Soroos for finding and fixing this issue.
- CVE-2016-0740
* SECURITY UPDATE: PCD decoder overruns the shuffle buffer
- debian/patches/pillow-CVE-2016-2533.patch: correct size adjustments
- CVE-2016-2533
* SECURITY-UPDATE: Icns DOS fix
- debian/patches/pillow-CVE-2014-3589.patch: Icns DOS fix
- Thanks to Andrew Drake for reporting this issue.
- CVE-2014-3589
* SECURITY-UPDATE: Fix potential PNG decompression DOS
- debian/patches/pillow-CVE-2014-9601.patch: Fix PNG decompresson DOS
- CVE-2014-9601
Date: 2016-09-26 23:36:15.167623+00:00
Changed-By: Emily Ratliff <[email protected]>
https://launchpad.net/ubuntu/+source/pillow/2.3.0-1ubuntu3.2
Sorry, changesfile not available.
--
Trusty-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/trusty-changes
