This bug was fixed in the package pillow 3.1.1-1 --- pillow (3.1.1-1) unstable; urgency=medium
* Pillow 3.1.1 release. - CVE-2016-0740: Fix buffer overflow in TiffDecode.c. Closes: #813905. - CVE-2016-0775: Fix buffer overflow in FliDecode.c. Closes: #813909. -- Matthias Klose <d...@debian.org> Wed, 10 Feb 2016 10:40:44 +0100 ** Information type changed from Public to Public Security ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-0740 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-0775 ** Changed in: pillow (Ubuntu) Importance: Critical => High ** Changed in: pillow (Ubuntu) Status: Confirmed => Fix Released ** Tags removed: 16.04 python -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1542095 Title: Upgrade to at least 3.1.1 from February 2016 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pillow/+bug/1542095/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs