Format: 1.8 Date: Wed, 12 Jan 2022 12:49:56 -0500 Source: pillow Binary: python-pil-doc python3-pil python3-pil-dbg python3-pil.imagetk python3-pil.imagetk-dbg Built-For-Profiles: noudeb Architecture: all amd64 Version: 8.1.2+dfsg-0.3ubuntu0.1 Distribution: impish Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: python-pil-doc - Examples for the Python Imaging Library python3-pil - Python Imaging Library (Python3) python3-pil-dbg - Python Imaging Library (Python3 debug extension) python3-pil.imagetk - Python Imaging Library - ImageTk Module (Python3) python3-pil.imagetk-dbg - Python Imaging Library - ImageTk Module (Python3 debug extension) Changes: pillow (8.1.2+dfsg-0.3ubuntu0.1) impish-security; urgency=medium . * SECURITY UPDATE: regular expression DoS - debian/patches/CVE-2021-23437.patch: raise ValueError if color specifier is too long in Tests/test_imagecolor.py, src/PIL/ImageColor.py. - CVE-2021-23437 * SECURITY UPDATE: improper initialization - debian/patches/CVE-2022-22815.patch: initialize coordinates to zero in Tests/test_imagepath.py, src/path.c. - CVE-2022-22815 * SECURITY UPDATE: buffer over-read during initialization - debian/patches/CVE-2022-22816.patch: handle case where path count is zero in Tests/test_imagepath.py, src/path.c. - CVE-2022-22816 * SECURITY UPDATE: evaluation of arbitrary expressions - debian/patches/CVE-2022-22817.patch: restrict builtins for ImageMath.eval in Tests/test_imagemath.py, src/PIL/ImageMath.py. - CVE-2022-22817 Checksums-Sha1: 94b93809c9cf33df24d234da607551bcf9025407 13771 pillow_8.1.2+dfsg-0.3ubuntu0.1_amd64.buildinfo fbff62417323be96dab1dcec276d22516bfe0835 589674 python-pil-doc_8.1.2+dfsg-0.3ubuntu0.1_all.deb 05fd9b7741b230e8e9f9397416eca27688526077 1243164 python3-pil-dbg_8.1.2+dfsg-0.3ubuntu0.1_amd64.deb d1922ebf0cd759587c0e4466b6cd3d4aa6036486 27894 python3-pil.imagetk-dbg_8.1.2+dfsg-0.3ubuntu0.1_amd64.deb 796fb0f37e8bcfbc9dd40005d0b0013413f40a8b 11366 python3-pil.imagetk_8.1.2+dfsg-0.3ubuntu0.1_amd64.deb 64eee4eb82fa79c48b3982bafcd6586c7d4e7f31 405940 python3-pil_8.1.2+dfsg-0.3ubuntu0.1_amd64.deb Checksums-Sha256: 67ea655596bd3f715038f1c78bd17872da324f86ab93310ed5a687d8fb34e2d7 13771 pillow_8.1.2+dfsg-0.3ubuntu0.1_amd64.buildinfo c9f3ff46854656fa5b73ec56290a5022d2b5450e9ef2ebb4debeec0254b6d59a 589674 python-pil-doc_8.1.2+dfsg-0.3ubuntu0.1_all.deb 0a62a294f0ac8c4953e614fd199e45f973c543ce8483054cc65b99a71ec3dda0 1243164 python3-pil-dbg_8.1.2+dfsg-0.3ubuntu0.1_amd64.deb c82334a24a4a27edd2c2b961d2e3a0921d18ab6e9cbe185baf9f71193f882b66 27894 python3-pil.imagetk-dbg_8.1.2+dfsg-0.3ubuntu0.1_amd64.deb 38da237413ceeecce954e2241bdcee5dab73fcb0cf40f39d52a30490b00a32ba 11366 python3-pil.imagetk_8.1.2+dfsg-0.3ubuntu0.1_amd64.deb 0d708d252e9862e18343d7dd2fa8c54a06b5e7c8d7dce03c771a65229818ad41 405940 python3-pil_8.1.2+dfsg-0.3ubuntu0.1_amd64.deb Files: dca1fa7ce8d2946beb36f7dc59735845 13771 python optional pillow_8.1.2+dfsg-0.3ubuntu0.1_amd64.buildinfo 4c98278a70f330b2b393cd6c9f708bbf 589674 doc optional python-pil-doc_8.1.2+dfsg-0.3ubuntu0.1_all.deb 0126c6eb13a5017cde3ab65feca25442 1243164 debug optional python3-pil-dbg_8.1.2+dfsg-0.3ubuntu0.1_amd64.deb 5b02feccc031f4a21a7d8292c68e5de9 27894 debug optional python3-pil.imagetk-dbg_8.1.2+dfsg-0.3ubuntu0.1_amd64.deb a8d4bb2dfaf5c09763e6a4136329d4af 11366 python optional python3-pil.imagetk_8.1.2+dfsg-0.3ubuntu0.1_amd64.deb 151af33d408a204423da239d542a9d6f 405940 python optional python3-pil_8.1.2+dfsg-0.3ubuntu0.1_amd64.deb Original-Maintainer: Matthias Klose