UbuntuUpdates.org

Package "python3-pil-dbg"

Name: python3-pil-dbg

Description:

Python Imaging Library (Python3 debug extension)

Latest version: 7.0.0-4ubuntu0.9
Release: focal (20.04)
Level: updates
Repository: main
Head package: pillow
Homepage: http://python-pillow.github.io/

Links


Download "python3-pil-dbg"


Other versions of "python3-pil-dbg" in Focal

Repository Area Version
base main 7.0.0-4build1
security main 7.0.0-4ubuntu0.9

Changelog

Version: 7.0.0-4ubuntu0.9 2024-04-22 12:07:17 UTC

  pillow (7.0.0-4ubuntu0.9) focal-security; urgency=medium

  * SECURITY UPDATE: Buffer overflow in imagingcms.c
    - debian/patches/CVE-2024-28219.patch: Use strncpy
    to avoid buffer overflow
    - CVE-2024-28219

 -- Nick Galanis <email address hidden> Fri, 12 Apr 2024 15:21:40 +0100

Source diff to previous version
CVE-2024-28219 In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.

Version: 7.0.0-4ubuntu0.8 2024-01-31 16:09:59 UTC

  pillow (7.0.0-4ubuntu0.8) focal-security; urgency=medium

  * SECURITY UPDATE: DoS in ImageFont via large textlength
    - debian/patches/CVE-2023-44271.patch: added a maximum string length in
      Tests/test_imagefont.py, docs/reference/ImageFont.rst,
      src/PIL/ImageFont.py.
    - CVE-2023-44271
  * SECURITY UPDATE: PIL.ImageMath.eval Arbitrary Code Execution
    - debian/patches/CVE-2023-50447-1.patch: don't allow __ or builtins in
      env dictionarys for ImageMath.eval in src/PIL/ImageMath.py.
    - debian/patches/CVE-2023-50447-2.patch: allow ops in
      Tests/test_imagemath.py, src/PIL/ImageMath.py.
    - debian/patches/CVE-2023-50447-3.patch: include further builtins in
      Tests/test_imagemath.py, src/PIL/ImageMath.py.
    - CVE-2023-50447

 -- Marc Deslauriers <email address hidden> Thu, 25 Jan 2024 12:48:42 -0500

Source diff to previous version
CVE-2023-44271 An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially
CVE-2023-50447 Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817

Version: 7.0.0-4ubuntu0.7 2022-12-13 15:06:33 UTC

  pillow (7.0.0-4ubuntu0.7) focal-security; urgency=medium

  * SECURITY UPDATE: arbitrary file deletion
    - debian/patches/CVE-2022-24303.patch: No longer remove temporary images
      manually in src/PIL/ImageShow.py.
    - CVE-2022-24303
  * SECURITY UPDATE: gif decompression bomb issue
    - debian/patches/CVE-2022-45198.patch: Added GIF decompression bomb check
      in src/PIL/GifImagePlugin.py.
    - CVE-2022-45198

 -- Fabian Toepfer <email address hidden> Mon, 12 Dec 2022 21:23:40 +0100

Source diff to previous version
CVE-2022-24303 Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled.
CVE-2022-45198 Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification).

Version: 7.0.0-4ubuntu0.6 2022-10-24 16:06:28 UTC

  pillow (7.0.0-4ubuntu0.6) focal-security; urgency=medium

  * SECURITY UPDATE: incomplete fix for CVE-2022-22817
    - debian/patches/CVE-2022-22817-2.patch: restrict builtins within
      lambdas for ImageMath.eval in Tests/test_imagemath.py,
      src/PIL/ImageMath.py.
    - CVE-2022-22817

 -- Marc Deslauriers <email address hidden> Thu, 20 Oct 2022 11:28:59 -0400

Source diff to previous version
CVE-2022-22817 PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method.

Version: 7.0.0-4ubuntu0.5 2022-01-13 16:06:28 UTC

  pillow (7.0.0-4ubuntu0.5) focal-security; urgency=medium

  * SECURITY UPDATE: regular expression DoS
    - debian/patches/CVE-2021-23437.patch: raise ValueError if color
      specifier is too long in Tests/test_imagecolor.py,
      src/PIL/ImageColor.py.
    - CVE-2021-23437
  * SECURITY UPDATE: Dos via buffer overflow
    - debian/patches/CVE-2021-34552.patch: limit sprintf modes to 10
      characters in src/libImaging/Convert.c.
    - CVE-2021-34552
  * SECURITY UPDATE: improper initialization
    - debian/patches/CVE-2022-22815.patch: initialize coordinates to zero
      in src/path.c.
    - CVE-2022-22815
  * SECURITY UPDATE: buffer over-read during initialization
    - debian/patches/CVE-2022-22816.patch: handle case where path count is
      zero in src/path.c.
    - CVE-2022-22816
  * SECURITY UPDATE: evaluation of arbitrary expressions
    - debian/patches/CVE-2022-22817.patch: restrict builtins for
      ImageMath.eval in Tests/test_imagemath.py, src/PIL/ImageMath.py.
    - CVE-2022-22817

 -- Marc Deslauriers <email address hidden> Wed, 12 Jan 2022 13:05:20 -0500

CVE-2021-23437 The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function.
CVE-2021-34552 Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert funct
CVE-2022-22815 path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.
CVE-2022-22816 path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.
CVE-2022-22817 PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method.



About   -   Send Feedback to @ubuntu_updates