Change log for pillow package in Ubuntu
| 1 → 75 of 88 results | First • Previous • Next • Last |
pillow (3.1.2-0ubuntu1.5) xenial-security; urgency=medium
* SECURITY UPDATE: buffer over-read via PCX file
- debian/patches/CVE-2020-35653.patch: don't trust the image to specify
a buffer size in PIL/PcxImagePlugin.py, removed failing test in
Tests/test_image.py.
- CVE-2020-35653
-- Marc Deslauriers <email address hidden> Wed, 13 Jan 2021 10:51:58 -0500
Available diffs
pillow (5.1.0-1ubuntu0.4) bionic-security; urgency=medium
* SECURITY UPDATE: buffer over-read via PCX file
- debian/patches/CVE-2020-35653.patch: don't trust the image to specify
a buffer size in src/PIL/PcxImagePlugin.py.
- CVE-2020-35653
* SECURITY UPDATE: buffer over-read via SGI RLE image file
- debian/patches/CVE-2020-35655-1.patch: add checks to
src/libImaging/SgiRleDecode.c.
- debian/patches/CVE-2020-35655-2.patch: rework error flags in
src/libImaging/SgiRleDecode.c.
- CVE-2020-35655
-- Marc Deslauriers <email address hidden> Wed, 13 Jan 2021 10:51:02 -0500
Available diffs
pillow (7.0.0-4ubuntu0.2) focal-security; urgency=medium
* SECURITY UPDATE: buffer over-read via PCX file
- debian/patches/CVE-2020-35653.patch: don't trust the image to specify
a buffer size in src/PIL/PcxImagePlugin.py.
- CVE-2020-35653
* SECURITY UPDATE: heap overflow via YCbCr files
- debian/patches/CVE-2020-35654-1.patch: fix tiff comparison warnings
in src/libImaging/TiffDecode.c.
- debian/patches/CVE-2020-35654-2.patch: fix OOB write in
src/libImaging/TiffDecode.c.
- debian/patches/CVE-2020-35654-3.patch: rework ReadTile in
src/libImaging/TiffDecode.c.
- CVE-2020-35654
* SECURITY UPDATE: buffer over-read via SGI RLE image file
- debian/patches/CVE-2020-35655-1.patch: add checks to
src/libImaging/SgiRleDecode.c.
- debian/patches/CVE-2020-35655-2.patch: rework error flags in
src/libImaging/SgiRleDecode.c.
- CVE-2020-35655
-- Marc Deslauriers <email address hidden> Wed, 13 Jan 2021 09:55:14 -0500
Available diffs
pillow (7.2.0-1ubuntu0.1) groovy-security; urgency=medium
* SECURITY UPDATE: buffer over-read via PCX file
- debian/patches/CVE-2020-35653.patch: don't trust the image to specify
a buffer size in src/PIL/PcxImagePlugin.py.
- CVE-2020-35653
* SECURITY UPDATE: heap overflow via YCbCr files
- debian/patches/CVE-2020-35654-1.patch: fix tiff comparison warnings
in src/libImaging/TiffDecode.c.
- debian/patches/CVE-2020-35654-2.patch: fix OOB write in
src/libImaging/TiffDecode.c.
- debian/patches/CVE-2020-35654-3.patch: rework ReadTile in
src/libImaging/TiffDecode.c.
- CVE-2020-35654
* SECURITY UPDATE: buffer over-read via SGI RLE image file
- debian/patches/CVE-2020-35655-1.patch: add checks to
src/libImaging/SgiRleDecode.c.
- debian/patches/CVE-2020-35655-2.patch: rework error flags in
src/libImaging/SgiRleDecode.c.
- CVE-2020-35655
-- Marc Deslauriers <email address hidden> Wed, 13 Jan 2021 09:35:02 -0500
Available diffs
pillow (8.1.0-1) unstable; urgency=medium * New upstream version. * Bump standards and debhelper versions. -- Matthias Klose <email address hidden> Wed, 06 Jan 2021 13:18:02 +0100
Available diffs
| Superseded in hirsute-release on 2021-01-07 |
| Deleted in hirsute-proposed on 2021-01-08 (Reason: moved to Release) |
pillow (8.0.1-1build1) hirsute; urgency=medium * No-change rebuild to drop python3.8 extensions. -- Matthias Klose <email address hidden> Mon, 07 Dec 2020 18:45:05 +0100
Available diffs
- diff from 8.0.1-1 (in Debian) to 8.0.1-1build1 (313 bytes)
| Superseded in hirsute-release on 2020-12-15 |
| Deleted in hirsute-proposed on 2020-12-16 (Reason: moved to Release) |
pillow (8.0.1-1) unstable; urgency=medium * New upstream version. -- Matthias Klose <email address hidden> Thu, 29 Oct 2020 20:02:10 +0100
Available diffs
- diff from 7.2.0-1build1 (in Ubuntu) to 8.0.1-1 (153.1 KiB)
| Superseded in hirsute-release on 2020-11-16 |
| Deleted in hirsute-proposed on 2020-11-17 (Reason: moved to Release) |
pillow (7.2.0-1build1) hirsute; urgency=medium * No-change rebuild to build with python3.9 as supported. -- Matthias Klose <email address hidden> Sat, 24 Oct 2020 12:44:06 +0200
Available diffs
- diff from 7.2.0-1 (in Debian) to 7.2.0-1build1 (318 bytes)
pillow (7.0.0-4ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: multiple out of bounds reads
- debian/patches/CVE-2020-10177-1.patch: fix issue in
src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-2.patch: refactor to macro in
src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-3.patch: fix OOB Reads in SS2 Chunk in
src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-4.patch: fix OOB in LC packet in
src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-5.patch: fix OOB Advance Values in
src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-6.patch: fix OOB Read in FLI Copy Chunk
in src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-7.patch: fix comments in
src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-8.patch: additional FLI check in
src/libImaging/FliDecode.c.
- CVE-2020-10177
* SECURITY UPDATE: out of bounds read with PCX files
- debian/patches/CVE-2020-10378.patch: fix OOB Access in
src/libImaging/PcxDecode.c.
- CVE-2020-10378
* SECURITY UPDATE: two buffer overflows
- debian/patches/CVE-2020-10379-1.patch: ensure that Tiff's concept of
Strip and Tilesize matches Pillow's in src/libImaging/TiffDecode.c.
- debian/patches/CVE-2020-10379-2.patch: avoid uninitialized read in
src/libImaging/TiffDecode.c.
- debian/patches/CVE-2020-10379-3.patch: fix typos in
src/libImaging/TiffDecode.c.
- CVE-2020-10379
* SECURITY UPDATE: out-of-bounds read via JP2 file
- debian/patches/CVE-2020-10994-1.patch: fix for OOB Read in
src/libImaging/Jpeg2KDecode.c.
- debian/patches/CVE-2020-10994-2.patch: fix typo in
src/libImaging/Jpeg2KDecode.c.
- CVE-2020-10994
* SECURITY UPDATE: out-of-bounds read via SGI file
- debian/patches/CVE-2020-11538.patch: track number of pixels, not the
number of runs in src/libImaging/SgiRleDecode.c.
- CVE-2020-11538
-- Marc Deslauriers <email address hidden> Tue, 07 Jul 2020 13:14:10 -0400
Available diffs
| Superseded in hirsute-release on 2020-10-25 |
| Published in groovy-release on 2020-07-17 |
| Deleted in groovy-proposed (Reason: moved to Release) |
pillow (7.2.0-1) unstable; urgency=medium
* New upstream version.
* Update debian/copyright, partially addresses #952899.
- Mention contributors.
- Add copyright information for fonts.
* Bump debhelper version.
-- Matthias Klose <email address hidden> Thu, 16 Jul 2020 13:42:51 +0200
Available diffs
- diff from 7.0.0-4ubuntu1 (in Ubuntu) to 7.2.0-1 (398.4 KiB)
pillow (5.1.0-1ubuntu0.3) bionic-security; urgency=medium
* SECURITY UPDATE: multiple out of bounds reads
- debian/patches/CVE-2020-10177-1.patch: fix issue in
src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-2.patch: refactor to macro in
src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-3.patch: fix OOB Reads in SS2 Chunk in
src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-4.patch: fix OOB in LC packet in
src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-5.patch: fix OOB Advance Values in
src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-6.patch: fix OOB Read in FLI Copy Chunk
in src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-7.patch: fix comments in
src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-8.patch: additional FLI check in
src/libImaging/FliDecode.c.
- CVE-2020-10177
* SECURITY UPDATE: out of bounds read with PCX files
- debian/patches/CVE-2020-10378.patch: fix OOB Access in
src/libImaging/PcxDecode.c.
- CVE-2020-10378
* SECURITY UPDATE: out-of-bounds read via JP2 file
- debian/patches/CVE-2020-10994-1.patch: fix for OOB Read in
src/libImaging/Jpeg2KDecode.c.
- debian/patches/CVE-2020-10994-2.patch: fix typo in
src/libImaging/Jpeg2KDecode.c.
- CVE-2020-10994
* SECURITY UPDATE: out-of-bounds read via SGI file
- debian/patches/CVE-2020-11538.patch: track number of pixels, not the
number of runs in src/libImaging/SgiRleDecode.c.
- CVE-2020-11538
-- Marc Deslauriers <email address hidden> Tue, 07 Jul 2020 13:35:30 -0400
Available diffs
pillow (3.1.2-0ubuntu1.4) xenial-security; urgency=medium
* SECURITY UPDATE: multiple out of bounds reads
- debian/patches/CVE-2020-10177-1.patch: fix issue in
src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-2.patch: refactor to macro in
src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-3.patch: fix OOB Reads in SS2 Chunk in
src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-4.patch: fix OOB in LC packet in
src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-5.patch: fix OOB Advance Values in
src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-6.patch: fix OOB Read in FLI Copy Chunk
in src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-7.patch: fix comments in
src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-8.patch: additional FLI check in
src/libImaging/FliDecode.c.
- CVE-2020-10177
* SECURITY UPDATE: out of bounds read with PCX files
- debian/patches/CVE-2020-10378.patch: fix OOB Access in
src/libImaging/PcxDecode.c.
- CVE-2020-10378
* SECURITY UPDATE: out-of-bounds read via JP2 file
- debian/patches/CVE-2020-10994-1.patch: fix for OOB Read in
src/libImaging/Jpeg2KDecode.c.
- debian/patches/CVE-2020-10994-2.patch: fix typo in
src/libImaging/Jpeg2KDecode.c.
- CVE-2020-10994
-- Marc Deslauriers <email address hidden> Tue, 07 Jul 2020 13:43:43 -0400
Available diffs
| Superseded in groovy-release on 2020-07-17 |
| Deleted in groovy-proposed on 2020-07-19 (Reason: moved to Release) |
pillow (7.0.0-4ubuntu1) groovy; urgency=medium
* SECURITY UPDATE: multiple out of bounds reads
- debian/patches/CVE-2020-10177-1.patch: fix issue in
src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-2.patch: refactor to macro in
src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-3.patch: fix OOB Reads in SS2 Chunk in
src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-4.patch: fix OOB in LC packet in
src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-5.patch: fix OOB Advance Values in
src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-6.patch: fix OOB Read in FLI Copy Chunk
in src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-7.patch: fix comments in
src/libImaging/FliDecode.c.
- debian/patches/CVE-2020-10177-8.patch: additional FLI check in
src/libImaging/FliDecode.c.
- CVE-2020-10177
* SECURITY UPDATE: out of bounds read with PCX files
- debian/patches/CVE-2020-10378.patch: fix OOB Access in
src/libImaging/PcxDecode.c.
- CVE-2020-10378
* SECURITY UPDATE: two buffer overflows
- debian/patches/CVE-2020-10379-1.patch: ensure that Tiff's concept of
Strip and Tilesize matches Pillow's in src/libImaging/TiffDecode.c.
- debian/patches/CVE-2020-10379-2.patch: avoid uninitialized read in
src/libImaging/TiffDecode.c.
- debian/patches/CVE-2020-10379-3.patch: fix typos in
src/libImaging/TiffDecode.c.
- CVE-2020-10379
* SECURITY UPDATE: out-of-bounds read via JP2 file
- debian/patches/CVE-2020-10994-1.patch: fix for OOB Read in
src/libImaging/Jpeg2KDecode.c.
- debian/patches/CVE-2020-10994-2.patch: fix typo in
src/libImaging/Jpeg2KDecode.c.
- CVE-2020-10994
* SECURITY UPDATE: out-of-bounds read via SGI file
- debian/patches/CVE-2020-11538.patch: track number of pixels, not the
number of runs in src/libImaging/SgiRleDecode.c.
- CVE-2020-11538
-- Marc Deslauriers <email address hidden> Tue, 07 Jul 2020 13:14:10 -0400
Available diffs
| Superseded in groovy-release on 2020-07-14 |
| Published in focal-release on 2020-02-21 |
| Deleted in focal-proposed (Reason: moved to Release) |
pillow (7.0.0-4build1) focal; urgency=medium * No-change rebuild to drop python3.7. -- Matthias Klose <email address hidden> Tue, 18 Feb 2020 10:44:40 +0100
Available diffs
- diff from 7.0.0-4 (in Debian) to 7.0.0-4build1 (319 bytes)
pillow (6.1.0-1ubuntu0.2) eoan-security; urgency=medium
* SECURITY UPDATE: Exceed memory amount and delay in process image
- debian/patches/CVE-2019-16865-*.patch: Corrected negative seeks in
PIL/PsdImagePlugin.py, Added decompression bomb checks in
PIL/GifImagePlugin.py and PIL/IcoImagePlugin.py, Catch buffer overruns
in libImaging/PcxDecode.c, libImaging/FliDecode.c and added some tests
in Tests/images/*.
- CVE-2019-16865
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2019-19911.patch: Raise an error for an invalid
number of bands in FPX image in PIL/FpxImagePlugin.py and added some
testes in Test/images/*.
- CVE-2019-19911
* SECURITY UPDATE: Integer overflow
- debian/patches/CVE-2020-5310.patch: Overflow checks for realloc for tiff
decoding in src/libImaging/TiffDecode.c and added tests in Test/images/*.
- CVE-2020-5310
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2020-5311.patch: catch SGI buffer overruns
in src/libImaging/SgiRleDecode.c.
- CVE-2020-5311
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2020-5312.patch: Catch PCX P mode buffer overrun
in libImaging/PcxDecode.c and added some tests in Test/images/*.
- CVE-2020-5312
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2020-5313.patch: catch FLI buffer overrun in
libImaging/FliDecode.c and added some tests in Test/images/*.
- CVE-2020-5313
-- <email address hidden> (Leonidas S. Barbosa) Mon, 03 Feb 2020 14:50:52 -0300
Available diffs
- diff from 6.1.0-1ubuntu0.1 to 6.1.0-1ubuntu0.2 (560 bytes)
pillow (5.1.0-1ubuntu0.2) bionic-security; urgency=medium
* SECURITY UPDATE: Exceed memory amount and delay in process image
- debian/patches/CVE-2019-16865-*.patch: Corrected negative seeks in
PIL/PsdImagePlugin.py, Added decompression bomb checks in
PIL/GifImagePlugin.py and PIL/IcoImagePlugin.py, Catch buffer overruns
in libImaging/PcxDecode.c, libImaging/FliDecode.c and added some tests
in Tests/images/*.
- CVE-2019-16865
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2019-19911.patch: Raise an error for an invalid
number of bands in FPX image in PIL/FpxImagePlugin.py and added some
testes in Test/images/*.
- CVE-2019-19911
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2020-5311.patch: catch SGI buffer overruns
in src/libImaging/SgiRleDecode.c.
- CVE-2020-5311
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2020-5312.patch: Catch PCX P mode buffer overrun
in libImaging/PcxDecode.c and added some tests in Test/images/*.
- CVE-2020-5312
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2020-5313.patch: catch FLI buffer overrun in
libImaging/FliDecode.c and added some tests in Test/images/*.
- CVE-2020-5313
-- <email address hidden> (Leonidas S. Barbosa) Mon, 03 Feb 2020 13:04:40 -0300
Available diffs
- diff from 5.1.0-1ubuntu0.1 to 5.1.0-1ubuntu0.2 (473 bytes)
pillow (3.1.2-0ubuntu1.3) xenial-security; urgency=medium
* SECURITY UPDATE: Exceed memory amount and delay in process image
- debian/patches/CVE-2019-16865-*.patch: Corrected negative seeks in
PIL/PsdImagePlugin.py, Added decompression bomb checks in
PIL/GifImagePlugin.py and PIL/IcoImagePlugin.py, Catch buffer overruns
in libImaging/PcxDecode.c, libImaging/FliDecode.c and added some tests
in Tests/images/*.
- CVE-2019-16865
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2019-19911.patch: Raise an error for an invalid
number of bands in FPX image in PIL/FpxImagePlugin.py.
- CVE-2019-19911
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2020-5312.patch: Catch PCX P mode buffer overrun
in libImaging/PcxDecode.c.
- CVE-2020-5312
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2020-5313.patch: catch FLI buffer overrun in
libImaging/FliDecode.c.
- CVE-2020-5313
* Fix decompression tests that failed
- debian/patches/Fixing_decompression_test.patch: Tests/test_decompression.py.
-- <email address hidden> (Leonidas S. Barbosa) Thu, 30 Jan 2020 17:15:56 -0300
Available diffs
| Superseded in focal-release on 2020-02-21 |
| Deleted in focal-proposed on 2020-02-22 (Reason: moved to Release) |
pillow (7.0.0-4) unstable; urgency=medium * Don't rely on python2's python.mk in the build. * Bump standards version. -- Matthias Klose <email address hidden> Wed, 29 Jan 2020 08:33:20 +0100
Available diffs
- diff from 6.2.1-2 to 7.0.0-4 (173.2 KiB)
- diff from 7.0.0-3 to 7.0.0-4 (685 bytes)
pillow (7.0.0-3) unstable; urgency=medium * Drop the Python2 autopkg tests. -- Matthias Klose <email address hidden> Sun, 12 Jan 2020 09:54:31 +0100
Available diffs
- diff from 7.0.0-2 to 7.0.0-3 (848 bytes)
pillow (7.0.0-2) unstable; urgency=medium * Build-depend on python2 for the use of python.mk. -- Matthias Klose <email address hidden> Mon, 06 Jan 2020 16:19:39 +0100
Available diffs
- diff from 6.2.1-2 to 7.0.0-2 (172.5 KiB)
| Superseded in focal-release on 2020-01-29 |
| Deleted in focal-proposed on 2020-02-09 (Reason: moved to Release) |
pillow (6.2.1-2) unstable; urgency=medium * Call python2 in the autopkg python2 tests. -- Matthias Klose <email address hidden> Mon, 04 Nov 2019 08:41:21 +0100
Available diffs
- diff from 6.1.0-1build1 (in Ubuntu) to 6.2.1-2 (59.0 KiB)
- diff from 6.2.1-1 to 6.2.1-2 (542 bytes)
pillow (6.2.1-1) unstable; urgency=medium * New upstream version, "last Pillow release to support Python 2.7". * Replaces python-dbg debpendencies with python2-dbg. * Remove Python2 suggests. -- Matthias Klose <email address hidden> Sat, 26 Oct 2019 16:49:09 +0200
Available diffs
- diff from 6.2.0-1 to 6.2.1-1 (3.3 KiB)
| Superseded in focal-release on 2019-11-10 |
| Deleted in focal-proposed on 2019-11-11 (Reason: moved to Release) |
pillow (6.1.0-1build1) focal; urgency=medium * No-change rebuild to build with python3.8. -- Matthias Klose <email address hidden> Fri, 18 Oct 2019 18:08:59 +0000
Available diffs
- diff from 6.1.0-1 (in Debian) to 6.1.0-1build1 (306 bytes)
pillow (6.2.0-1) unstable; urgency=medium * New upstream version, last version supporting Python2. * Bump standards version. -- Matthias Klose <email address hidden> Wed, 16 Oct 2019 15:47:42 +0200
Available diffs
| Superseded in focal-release on 2019-10-25 |
| Obsolete in eoan-release on 2020-12-29 |
| Deleted in eoan-proposed on 2020-12-29 (Reason: moved to release) |
pillow (6.1.0-1) unstable; urgency=medium * New upstream version. -- Matthias Klose <email address hidden> Sun, 07 Jul 2019 14:36:49 +0200
Available diffs
- diff from 5.4.1-2 to 6.1.0-1 (379.9 KiB)
| Superseded in eoan-release on 2019-07-12 |
| Deleted in eoan-proposed on 2019-07-13 (Reason: moved to release) |
pillow (5.4.1-2) unstable; urgency=medium * Allow for unknown PNG chunks after image data. Closes: #926552. -- Matthias Klose <email address hidden> Sun, 07 Apr 2019 02:53:28 +0200
Available diffs
- diff from 5.4.1-1 to 5.4.1-2 (992 bytes)
| Superseded in eoan-release on 2019-04-22 |
| Obsolete in disco-release on 2020-07-14 |
| Deleted in disco-proposed on 2020-07-14 (Reason: moved to release) |
pillow (5.4.1-1) unstable; urgency=medium * New upstream version. * Enable imagequant support. -- Matthias Klose <email address hidden> Fri, 18 Jan 2019 11:05:56 +0100
Available diffs
- diff from 5.3.0-1 to 5.4.1-1 (61.3 KiB)
| Superseded in disco-release on 2018-11-20 |
| Deleted in disco-proposed on 2018-11-21 (Reason: moved to release) |
pillow (5.2.0-2build1) disco; urgency=medium * No-change rebuild to build without python3.6 support. -- Matthias Klose <email address hidden> Sat, 03 Nov 2018 11:52:02 +0000
Available diffs
- diff from 5.2.0-2 (in Debian) to 5.2.0-2build1 (337 bytes)
| Superseded in disco-release on 2019-03-20 |
| Deleted in disco-proposed on 2019-03-22 (Reason: moved to release) |
pillow (5.3.0-1) unstable; urgency=medium * New upstream version. -- Matthias Klose <email address hidden> Thu, 18 Oct 2018 12:16:31 +0200
Available diffs
| Superseded in disco-release on 2018-11-07 |
| Obsolete in cosmic-release on 2020-07-13 |
| Deleted in cosmic-proposed on 2020-07-13 (Reason: moved to release) |
pillow (5.2.0-2) unstable; urgency=medium * Apply proposed patch for issue #3227. Closes: #887752. -- Matthias Klose <email address hidden> Fri, 20 Jul 2018 14:57:58 +0200
Available diffs
- diff from 5.2.0-1 to 5.2.0-2 (4.2 KiB)
| Superseded in cosmic-release on 2018-07-20 |
| Deleted in cosmic-proposed on 2018-07-22 (Reason: moved to release) |
pillow (5.2.0-1) unstable; urgency=medium * New upstream version. -- Matthias Klose <email address hidden> Wed, 11 Jul 2018 14:50:06 +0200
Available diffs
| Superseded in cosmic-release on 2018-07-11 |
| Deleted in cosmic-proposed on 2018-07-13 (Reason: moved to release) |
pillow (5.1.0-1build1) cosmic; urgency=medium * No-change rebuild to build for python3.7. -- Matthias Klose <email address hidden> Thu, 28 Jun 2018 06:54:03 +0000
Available diffs
- diff from 5.1.0-1 (in Debian) to 5.1.0-1build1 (306 bytes)
| Superseded in cosmic-release on 2018-06-29 |
| Published in bionic-release on 2018-04-10 |
| Deleted in bionic-proposed (Reason: moved to release) |
pillow (5.1.0-1) unstable; urgency=medium * New upstream version. * Add recommendations for olefile. -- Matthias Klose <email address hidden> Mon, 09 Apr 2018 15:43:37 +0200
Available diffs
- diff from 5.0.0-1 to 5.1.0-1 (72.5 KiB)
| Superseded in bionic-release on 2018-04-10 |
| Deleted in bionic-proposed on 2018-04-11 (Reason: moved to release) |
pillow (5.0.0-1) unstable; urgency=medium
* New upstream version.
- Closing old python-imaging issues. Closes: #510877, #708449, #806973.
- Example scripts not installed anymore. Closes: #513536, #554906.
* Stop building the python-imaging package.
* Build-depend on libraqm-dev.
* python-pil-doc: Stop suggesting python-pil-doc-html. Closes: #814567.
-- Matthias Klose <email address hidden> Sat, 06 Jan 2018 00:24:59 +0100
Available diffs
- diff from 4.3.0-2ubuntu1 (in Ubuntu) to 5.0.0-1 (830.3 KiB)
| Superseded in bionic-release on 2018-03-09 |
| Deleted in bionic-proposed on 2018-03-11 (Reason: moved to release) |
pillow (4.3.0-2ubuntu1) bionic; urgency=medium
* Apply fix for upstream issue #2825. Not updating the binary test
files, not running the test on 32bit targets.
-- Matthias Klose <email address hidden> Sat, 16 Dec 2017 09:21:02 +0100
Available diffs
- diff from 4.1.1-3build2 to 4.3.0-2ubuntu1 (148.7 KiB)
- diff from 4.3.0-2 (in Debian) to 4.3.0-2ubuntu1 (1.1 KiB)
pillow (4.3.0-2) unstable; urgency=medium * Install the ImagingUtils.h header file. Closes: #879788. -- Matthias Klose <email address hidden> Thu, 26 Oct 2017 08:53:42 +0200
| Superseded in bionic-release on 2017-12-16 |
| Obsolete in artful-release on 2020-07-10 |
| Deleted in artful-proposed on 2020-07-10 (Reason: moved to release) |
pillow (4.1.1-3build2) artful; urgency=medium * No change rebuild to drop Python 3.5 support. -- Michael Hudson-Doyle <email address hidden> Mon, 14 Aug 2017 13:28:56 +1200
Available diffs
- diff from 4.1.1-3build1 to 4.1.1-3build2 (325 bytes)
- diff from 4.2.1-1 (in Debian) to 4.1.1-3build2 (64.6 KiB)
| Deleted in artful-proposed on 2017-08-08 (Reason: temporarily remove pillow, causing regressions building s...) |
pillow (4.2.1-1) unstable; urgency=medium * New upstream version. -- Matthias Klose <email address hidden> Thu, 03 Aug 2017 18:56:22 -0400
Available diffs
| Superseded in artful-release on 2017-08-14 |
| Deleted in artful-proposed on 2017-08-16 (Reason: moved to release) |
| Superseded in artful-proposed on 2017-08-04 |
pillow (4.1.1-3build1) artful; urgency=medium * No-change rebuild against libwebpmux3 -- Steve Langasek <email address hidden> Fri, 28 Jul 2017 03:56:21 +0000
Available diffs
- diff from 4.2.1-1 (in Debian) to 4.1.1-3build1 (64.5 KiB)
- diff from 4.1.1-3 (in Debian) to 4.1.1-3build1 (536 bytes)
| Superseded in artful-release on 2017-08-08 |
| Deleted in artful-proposed on 2017-08-10 (Reason: moved to release) |
pillow (4.1.1-3) unstable; urgency=medium * Restore the python-imaging package for the upload to unstable. -- Matthias Klose <email address hidden> Sat, 01 Jul 2017 12:08:54 +0200
Available diffs
- diff from 4.0.0-4 to 4.1.1-3 (151.7 KiB)
- diff from 4.1.1-2 to 4.1.1-3 (1.1 KiB)
pillow (4.1.1-2) experimental; urgency=medium * Re-add olefile build dependencies. -- Matthias Klose <email address hidden> Fri, 12 May 2017 12:24:32 -0700
pillow (2.3.0-1ubuntu3.4) trusty-security; urgency=medium
* SECURITY UPDATE: information disclosure via crafted image
- debian/patches/CVE-2016-9189.patch: add overflow checks to map.c.
- CVE-2016-9189
* SECURITY UPDATE: code execution via crafted image
- debian/patches/CVE-2016-9190.patch: add size check to
libImaging/Storage.c, add test to Tests/images/negative_size.ppm,
Tests/test_file_ppm.py.
- CVE-2016-9190
* SECURITY UPDATE: re-enabled CVE-2014-9601 fix
- debian/patches/pillow-CVE-2014-9601-pre.patch: rename len variables
as length in PIL/PngImagePlugin.py.
- debian/patches/pillow-CVE-2014-9601.patch: updated.
- debian/patches/revert-CVE-201409601.patch: removed
- CVE-2014-9601
-- Marc Deslauriers <email address hidden> Fri, 10 Mar 2017 08:26:41 -0500
Available diffs
pillow (3.3.1-1ubuntu0.1) yakkety-security; urgency=medium
* SECURITY UPDATE: information disclosure via crafted image
- debian/patches/CVE-2016-9189.patch: add overflow checks to map.c.
- CVE-2016-9189
* SECURITY UPDATE: code execution via crafted image
- debian/patches/CVE-2016-9190.patch: add size check to
libImaging/Storage.c, add test to Tests/images/negative_size.ppm,
Tests/test_file_ppm.py.
- CVE-2016-9190
-- Marc Deslauriers <email address hidden> Fri, 10 Mar 2017 08:00:21 -0500
Available diffs
pillow (3.1.2-0ubuntu1.1) xenial-security; urgency=medium
* SECURITY UPDATE: information disclosure via crafted image
- debian/patches/CVE-2016-9189.patch: add overflow checks to map.c.
- CVE-2016-9189
* SECURITY UPDATE: code execution via crafted image
- debian/patches/CVE-2016-9190.patch: add size check to
libImaging/Storage.c, add test to Tests/images/negative_size.ppm,
Tests/test_file_ppm.py.
- CVE-2016-9190
-- Marc Deslauriers <email address hidden> Fri, 10 Mar 2017 08:09:36 -0500
Available diffs
| Superseded in artful-release on 2017-07-02 |
| Obsolete in zesty-release on 2018-06-22 |
| Deleted in zesty-proposed on 2018-06-22 (Reason: moved to release) |
pillow (4.0.0-4) unstable; urgency=medium * Build again with internal OleFileIO module. -- Matthias Klose <email address hidden> Tue, 24 Jan 2017 16:52:07 +0100
Available diffs
- diff from 4.0.0-3 to 4.0.0-4 (36.4 KiB)
| Superseded in zesty-release on 2017-01-25 |
| Deleted in zesty-proposed on 2017-01-26 (Reason: moved to release) |
pillow (4.0.0-3) unstable; urgency=medium * Re-add build dependencies on python*-olefile. -- Matthias Klose <email address hidden> Tue, 10 Jan 2017 23:44:36 +0100
Available diffs
- diff from 4.0.0-1 to 4.0.0-3 (1.0 KiB)
- diff from 4.0.0-2 to 4.0.0-3 (471 bytes)
pillow (4.0.0-2) unstable; urgency=medium
* Add imagingtk-int-overflow.patch. Fix integer overflow on 32 bit
architectures (Markus Koschany). Closes: #847812.
-- Matthias Klose <email address hidden> Mon, 09 Jan 2017 23:50:08 +0100
Available diffs
- diff from 4.0.0-1 to 4.0.0-2 (1.1 KiB)
| Superseded in zesty-release on 2017-01-11 |
| Deleted in zesty-proposed on 2017-01-12 (Reason: moved to release) |
pillow (4.0.0-1) unstable; urgency=medium * Pillow 4.0.0 release. -- Matthias Klose <email address hidden> Thu, 05 Jan 2017 19:47:03 +0100
Available diffs
- diff from 3.4.2-1 to 4.0.0-1 (99.4 KiB)
| Superseded in zesty-release on 2017-01-09 |
| Deleted in zesty-proposed on 2017-01-11 (Reason: moved to release) |
pillow (3.4.2-1) unstable; urgency=medium * Pillow 3.4.2 release. -- Matthias Klose <email address hidden> Wed, 02 Nov 2016 15:48:03 +0100
Available diffs
- diff from 3.3.1-1 to 3.4.2-1 (77.7 KiB)
pillow (2.3.0-1ubuntu3.3) trusty-security; urgency=medium
* SECURITY UPDATE: revert fix for CVE-2014-9601 which caused regression
- debian/patches/revert-CVE-201409601.patch
-- Emily Ratliff <email address hidden> Thu, 29 Sep 2016 20:48:05 -0500
Available diffs
pillow (2.3.0-1ubuntu3.2) trusty-security; urgency=medium
* SECURITY UPDATE: buffer overflow in ImagingFliDecode()
- debian/patches/pillow-CVE-2016-0775.patch: correct memcpy location
- Thanks to Eric Soroos for finding and fixing this issue.
- CVE-2016-0775
* SECURITY UPDATE: buffer overflow in ImagingLibTiffDecode
- debian/patches/pillow-CVE-2016-0740.patch: correct type of size to
match that returned by libtiff
- Thanks to Eric Soroos for finding and fixing this issue.
- CVE-2016-0740
* SECURITY UPDATE: PCD decoder overruns the shuffle buffer
- debian/patches/pillow-CVE-2016-2533.patch: correct size adjustments
- CVE-2016-2533
* SECURITY-UPDATE: Icns DOS fix
- debian/patches/pillow-CVE-2014-3589.patch: Icns DOS fix
- Thanks to Andrew Drake for reporting this issue.
- CVE-2014-3589
* SECURITY-UPDATE: Fix potential PNG decompression DOS
- debian/patches/pillow-CVE-2014-9601.patch: Fix PNG decompresson DOS
- CVE-2014-9601
-- Emily Ratliff <email address hidden> Mon, 26 Sep 2016 18:03:27 -0500
Available diffs
| Superseded in zesty-release on 2016-11-08 |
| Obsolete in yakkety-release on 2018-01-23 |
| Deleted in yakkety-proposed on 2018-01-23 (Reason: moved to release) |
pillow (3.3.1-1) unstable; urgency=medium * Pillow 3.3.1 release. -- Matthias Klose <email address hidden> Wed, 31 Aug 2016 16:32:48 +0200
Available diffs
- diff from 3.3.0-1 to 3.3.1-1 (12.0 KiB)
| Superseded in yakkety-release on 2016-09-01 |
| Deleted in yakkety-proposed on 2016-09-02 (Reason: moved to release) |
pillow (3.3.0-1) unstable; urgency=medium * Pillow 3.3.0 release. -- Matthias Klose <email address hidden> Thu, 11 Aug 2016 10:18:19 +0200
Available diffs
- diff from 3.2.0-2 to 3.3.0-1 (131.4 KiB)
- diff from 3.2.0-2build1 (in Ubuntu) to 3.3.0-1 (131.5 KiB)
| Superseded in yakkety-proposed on 2016-08-11 |
pillow (3.2.0-2build1) yakkety; urgency=medium * No-change rebuild against libwebp6 -- Iain Lane <email address hidden> Tue, 09 Aug 2016 16:05:30 +0100
Available diffs
- diff from 3.2.0-2 (in Debian) to 3.2.0-2build1 (326 bytes)
| Superseded in yakkety-release on 2016-08-19 |
| Deleted in yakkety-proposed on 2016-08-20 (Reason: moved to release) |
pillow (3.2.0-2) unstable; urgency=medium * Don't run test needing the removed icc profiles. -- Matthias Klose <email address hidden> Thu, 05 May 2016 17:42:07 +0200
Available diffs
- diff from 3.1.2-0ubuntu1 (in Ubuntu) to 3.2.0-2 (49.4 KiB)
- diff from 3.2.0-1 to 3.2.0-2 (963 bytes)
pillow (3.2.0-1) unstable; urgency=medium * Pillow 3.2.0 release. -- Matthias Klose <email address hidden> Sat, 16 Apr 2016 18:01:45 +0200
| Superseded in yakkety-release on 2016-05-17 |
| Published in xenial-release on 2016-04-16 |
| Deleted in xenial-proposed (Reason: moved to release) |
pillow (3.1.2-0ubuntu1) xenial; urgency=medium
* Pillow 3.1.2 release.
- CVE-2016-3076; Fix an integer overflow in Jpeg2KEncode.c causing a
buffer overflow.
-- Matthias Klose <email address hidden> Sat, 16 Apr 2016 17:54:58 +0200
Available diffs
pillow (2.9.0-1ubuntu0.2) wily-security; urgency=medium
* SECURITY UPDATE: buffer overflow in ImagingFliDecode()
- debian/patches/pillow-CVE-2016-0775.patch: correct memcpy location
- debian/source/include-binaries: add test image in
Tests/images/fli_overflow.fli
- CVE-2016-0775
* SECURITY UPDATE: buffer overflow in ImagingLibTiffDecode
- debian/patches/pillow-CVE-2016-0740.patch: correct type of size to
match that returned by libtiff
- debian/source/include-binaries: add test image in
Tests/images/libtiff_segfault.tif
- CVE-2016-0740
* SECURITY UPDATE: integer overflow in ImagingResampleHorizontal()
- debian/patches/pillow-gh#1714.patch: check for integer overflow
* SECURITY UPDATE: PCD decoder overruns the shuffle buffer
- debian/patches/pillow-gh#1706.patch: correct size adjustments
- CVE-2016-2533
-- Steve Beattie <email address hidden> Fri, 11 Mar 2016 12:12:04 -0800
Available diffs
- diff from 2.9.0-1ubuntu0.1 to 2.9.0-1ubuntu0.2 (483 bytes)
| Superseded in xenial-release on 2016-04-16 |
| Deleted in xenial-proposed on 2016-04-18 (Reason: moved to release) |
pillow (3.1.1-1) unstable; urgency=medium
* Pillow 3.1.1 release.
- CVE-2016-0740: Fix buffer overflow in TiffDecode.c. Closes: #813905.
- CVE-2016-0775: Fix buffer overflow in FliDecode.c. Closes: #813909.
-- Matthias Klose <email address hidden> Wed, 10 Feb 2016 10:40:44 +0100
Available diffs
- diff from 3.1.0-1 to 3.1.1-1 (5.1 KiB)
| Superseded in xenial-release on 2016-02-10 |
| Deleted in xenial-proposed on 2016-02-12 (Reason: moved to release) |
pillow (3.1.0-1) unstable; urgency=medium * Pillow 3.1.0 release. * Breaks rapid-photo-downloader (<< 0.4.11). Closes: #806976. * Breaks tilestache (<< 1.49.8-3). Closes: #808238. * Install upstream changelog. Closes: #805694. -- Matthias Klose <email address hidden> Tue, 19 Jan 2016 17:49:58 +0100
Available diffs
| Superseded in xenial-release on 2016-01-25 |
| Deleted in xenial-proposed on 2016-01-26 (Reason: moved to release) |
pillow (3.0.0-1build1) xenial; urgency=medium * No-change rebuild to drop python3.4 support. -- Matthias Klose <email address hidden> Tue, 19 Jan 2016 00:10:10 +0000
Available diffs
- diff from 3.0.0-1 (in Debian) to 3.0.0-1build1 (307 bytes)
| Superseded in xenial-release on 2016-01-20 |
| Deleted in xenial-proposed on 2016-01-21 (Reason: moved to release) |
pillow (3.0.0-1) unstable; urgency=medium * Pillow 3.0.0 release. -- Matthias Klose <email address hidden> Mon, 30 Nov 2015 08:35:40 +0100
Available diffs
- diff from 2.9.0-1 to 3.0.0-1 (78.2 KiB)
| Superseded in xenial-release on 2015-11-30 |
| Obsolete in wily-release on 2018-01-22 |
| Deleted in wily-proposed on 2018-01-22 (Reason: moved to release) |
pillow (2.9.0-1) unstable; urgency=medium
* Pillow 2.9.0 release.
* d/rules: Don't add $DEB_HOST_MULTIARCH to SOABI for Python 3.5 since
it's already included there. Closes: #790085.
-- Matthias Klose <email address hidden> Wed, 12 Aug 2015 02:59:31 +0200
Available diffs
- diff from 2.8.1-1ubuntu1 (in Ubuntu) to 2.9.0-1 (108.3 KiB)
| Superseded in wily-release on 2015-08-21 |
| Deleted in wily-proposed on 2015-08-23 (Reason: moved to release) |
pillow (2.8.1-1ubuntu1) wily; urgency=medium
[ Barry Warsaw ]
* d/rules: Don't add $DEB_HOST_MULTIARCH to SOABI for Python 3.5 since
it's already included there.
-- Steve Langasek <email address hidden> Tue, 21 Jul 2015 21:21:22 +0000
Available diffs
| Superseded in wily-release on 2015-07-21 |
| Deleted in wily-proposed on 2015-07-23 (Reason: moved to release) |
pillow (2.8.1-1) unstable; urgency=medium * Pillow 2.8.1 release. -- Matthias Klose <email address hidden> Mon, 01 Jun 2015 19:15:59 +0200
Available diffs
- diff from 2.7.0-1 to 2.8.1-1 (437.3 KiB)
| Superseded in wily-release on 2015-06-02 |
| Obsolete in vivid-release on 2018-01-18 |
| Deleted in vivid-proposed on 2018-01-19 (Reason: moved to release) |
pillow (2.7.0-1) experimental; urgency=medium * Pillow 2.7.0 release. * Stop building the sane package, not built anymore from this source. * Disable running the tests in debug mode for now, hangs the build. -- Matthias Klose <email address hidden> Thu, 26 Feb 2015 14:29:15 +0100
Available diffs
- diff from 2.6.1-1 to 2.7.0-1 (69.0 KiB)
| Superseded in vivid-release on 2015-02-27 |
| Obsolete in utopic-release on 2016-11-03 |
| Deleted in utopic-proposed on 2016-11-03 (Reason: moved to release) |
pillow (2.6.1-1) unstable; urgency=medium * Pillow 2.6.1 release. * Update jpeg build dependency. Closes: #763491. -- Matthias Klose <email address hidden> Mon, 13 Oct 2014 20:30:42 +0200
Available diffs
- diff from 2.6.0-1 to 2.6.1-1 (3.1 KiB)
| Superseded in utopic-release on 2014-10-14 |
| Deleted in utopic-proposed on 2014-10-15 (Reason: moved to release) |
pillow (2.6.0-1) unstable; urgency=medium * Pillow 2.6.0 release. * Add test images missing in the release. -- Matthias Klose <email address hidden> Thu, 02 Oct 2014 14:23:21 +0200
Available diffs
- diff from 2.6.0~rc1-1 to 2.6.0-1 (7.7 KiB)
| Superseded in utopic-release on 2014-10-06 |
| Deleted in utopic-proposed on 2014-10-07 (Reason: moved to release) |
pillow (2.6.0~rc1-1) unstable; urgency=medium
* Pillow 2.6.0 release candidate 1.
- Provides distributable test image files. Closes: #760171.
- Fix comparing an Image to anything that's not an image. Closes: #758927.
-- Matthias Klose <email address hidden> Tue, 30 Sep 2014 12:13:58 +0200
Available diffs
- diff from 2.5.3-1 to 2.6.0~rc1-1 (403.6 KiB)
| Superseded in utopic-release on 2014-10-03 |
| Deleted in utopic-proposed on 2014-10-04 (Reason: moved to release) |
pillow (2.5.3-1) unstable; urgency=medium
* Pillow 2.5.3 release.
- Fix CVE-2014-3589, a DOS in the IcnsImagePlugin. Closes: #758772.
- Fix CVE-2014-3598, a DOS in the Jpeg2KImagePlugin.
* Build-Depend on dh-python.
-- Matthias Klose <email address hidden> Thu, 21 Aug 2014 08:56:15 +0200
Available diffs
- diff from 2.5.1-6 to 2.5.3-1 (10.9 KiB)
| Superseded in utopic-release on 2014-08-21 |
| Deleted in utopic-proposed on 2014-08-22 (Reason: moved to release) |
pillow (2.5.1-6) unstable; urgency=medium * Allow stderr output for the upstream autopkg tests. -- Matthias Klose <email address hidden> Fri, 15 Aug 2014 00:15:29 +0200
Available diffs
- diff from 2.3.0-1ubuntu3 (in Ubuntu) to 2.5.1-6 (343.8 KiB)
- diff from 2.5.1-5 to 2.5.1-6 (412 bytes)
pillow (2.5.1-5) unstable; urgency=medium * Add python-nose, python3-nose to the autopkg test dependencies. -- Matthias Klose <email address hidden> Wed, 13 Aug 2014 13:10:39 +0200
Available diffs
- diff from 2.5.1-4 to 2.5.1-5 (415 bytes)
pillow (2.5.1-4) unstable; urgency=medium * Run the tests sequentially, and increase the timeout. -- Matthias Klose <email address hidden> Mon, 11 Aug 2014 19:20:32 +0200
Available diffs
- diff from 2.5.1-2 to 2.5.1-4 (3.6 KiB)
pillow (2.5.1-2) unstable; urgency=medium * Update autopkg tests for 2.5. -- Matthias Klose <email address hidden> Sun, 10 Aug 2014 13:14:26 +0200
Available diffs
- diff from 2.5.1-1 to 2.5.1-2 (1.6 KiB)
pillow (2.5.1-1) unstable; urgency=medium * Pillow 2.5.1 release. -- Matthias Klose <email address hidden> Thu, 17 Jul 2014 23:43:18 +0200
| 1 → 75 of 88 results | First • Previous • Next • Last |
