Publishing details

• Removed from disk on 2022-07-24.
• Removal requested on 2022-07-23.
• Published on 2022-01-13
• Copied from ubuntu impish in PPA for Ubuntu Security Proposed by Marc Deslauriers

Changelog

pillow (8.1.2+dfsg-0.3ubuntu0.1) impish-security; urgency=medium

  * SECURITY UPDATE: regular expression DoS
    - debian/patches/CVE-2021-23437.patch: raise ValueError if color
      specifier is too long in Tests/test_imagecolor.py,
      src/PIL/ImageColor.py.
    - CVE-2021-23437
  * SECURITY UPDATE: improper initialization
    - debian/patches/CVE-2022-22815.patch: initialize coordinates to zero
      in Tests/test_imagepath.py, src/path.c.
    - CVE-2022-22815
  * SECURITY UPDATE: buffer over-read during initialization
    - debian/patches/CVE-2022-22816.patch: handle case where path count is
      zero in Tests/test_imagepath.py, src/path.c.
    - CVE-2022-22816
  * SECURITY UPDATE: evaluation of arbitrary expressions
    - debian/patches/CVE-2022-22817.patch: restrict builtins for
      ImageMath.eval in Tests/test_imagemath.py, src/PIL/ImageMath.py.
    - CVE-2022-22817

 -- Marc Deslauriers <email address hidden>  Wed, 12 Jan 2022 12:49:56 -0500

Builds

• amd64
• arm64
• armhf
• ppc64el
• riscv64
• s390x

Package files

• pillow_8.1.2+dfsg-0.3ubuntu0.1.debian.tar.xz (23.4 KiB)
• pillow_8.1.2+dfsg-0.3ubuntu0.1.dsc (2.5 KiB)
• pillow_8.1.2+dfsg.orig.tar.xz (35.8 MiB)
• python-pil-doc_8.1.2+dfsg-0.3ubuntu0.1_all.deb (575.9 KiB)
• python3-pil-dbg_8.1.2+dfsg-0.3ubuntu0.1_amd64.deb (1.2 MiB)
• python3-pil-dbg_8.1.2+dfsg-0.3ubuntu0.1_arm64.deb (1.1 MiB)
• python3-pil-dbg_8.1.2+dfsg-0.3ubuntu0.1_armhf.deb (1.1 MiB)
• python3-pil-dbg_8.1.2+dfsg-0.3ubuntu0.1_ppc64el.deb (1.2 MiB)
• python3-pil-dbg_8.1.2+dfsg-0.3ubuntu0.1_riscv64.deb (1.1 MiB)
• python3-pil-dbg_8.1.2+dfsg-0.3ubuntu0.1_s390x.deb (1.2 MiB)
• python3-pil.imagetk-dbg_8.1.2+dfsg-0.3ubuntu0.1_amd64.deb (27.2 KiB)
• python3-pil.imagetk-dbg_8.1.2+dfsg-0.3ubuntu0.1_arm64.deb (27.3 KiB)
• python3-pil.imagetk-dbg_8.1.2+dfsg-0.3ubuntu0.1_armhf.deb (26.8 KiB)
• python3-pil.imagetk-dbg_8.1.2+dfsg-0.3ubuntu0.1_ppc64el.deb (28.3 KiB)
• python3-pil.imagetk-dbg_8.1.2+dfsg-0.3ubuntu0.1_riscv64.deb (26.6 KiB)
• python3-pil.imagetk-dbg_8.1.2+dfsg-0.3ubuntu0.1_s390x.deb (26.8 KiB)
• python3-pil.imagetk_8.1.2+dfsg-0.3ubuntu0.1_amd64.deb (11.1 KiB)
• python3-pil.imagetk_8.1.2+dfsg-0.3ubuntu0.1_arm64.deb (11.1 KiB)
• python3-pil.imagetk_8.1.2+dfsg-0.3ubuntu0.1_armhf.deb (10.5 KiB)
• python3-pil.imagetk_8.1.2+dfsg-0.3ubuntu0.1_ppc64el.deb (11.6 KiB)
• python3-pil.imagetk_8.1.2+dfsg-0.3ubuntu0.1_riscv64.deb (10.3 KiB)
• python3-pil.imagetk_8.1.2+dfsg-0.3ubuntu0.1_s390x.deb (10.9 KiB)
• python3-pil_8.1.2+dfsg-0.3ubuntu0.1_amd64.deb (396.4 KiB)
• python3-pil_8.1.2+dfsg-0.3ubuntu0.1_arm64.deb (390.1 KiB)
• python3-pil_8.1.2+dfsg-0.3ubuntu0.1_armhf.deb (366.2 KiB)
• python3-pil_8.1.2+dfsg-0.3ubuntu0.1_ppc64el.deb (432.3 KiB)
• python3-pil_8.1.2+dfsg-0.3ubuntu0.1_riscv64.deb (382.7 KiB)
• python3-pil_8.1.2+dfsg-0.3ubuntu0.1_s390x.deb (400.1 KiB)