Format: 1.8
Date: Thu, 25 Jan 2024 12:48:42 -0500
Source: pillow
Binary: python-pil-doc python3-pil python3-pil-dbg python3-pil.imagetk python3-pil.imagetk-dbg
Architecture: all amd64
Version: 7.0.0-4ubuntu0.8
Distribution: focal
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lcy02-amd64-091.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 python-pil-doc - Examples for the Python Imaging Library
 python3-pil - Python Imaging Library (Python3)
 python3-pil-dbg - Python Imaging Library (Python3 debug extension)
 python3-pil.imagetk - Python Imaging Library - ImageTk Module (Python3)
 python3-pil.imagetk-dbg - Python Imaging Library - ImageTk Module (Python3 debug extension)
Changes:
 pillow (7.0.0-4ubuntu0.8) focal-security; urgency=medium
 .
   * SECURITY UPDATE: DoS in ImageFont via large textlength
     - debian/patches/CVE-2023-44271.patch: added a maximum string length in
       Tests/test_imagefont.py, docs/reference/ImageFont.rst,
       src/PIL/ImageFont.py.
     - CVE-2023-44271
   * SECURITY UPDATE: PIL.ImageMath.eval Arbitrary Code Execution
     - debian/patches/CVE-2023-50447-1.patch: don't allow __ or builtins in
       env dictionarys for ImageMath.eval in src/PIL/ImageMath.py.
     - debian/patches/CVE-2023-50447-2.patch: allow ops in
       Tests/test_imagemath.py, src/PIL/ImageMath.py.
     - debian/patches/CVE-2023-50447-3.patch: include further builtins in
       Tests/test_imagemath.py, src/PIL/ImageMath.py.
     - CVE-2023-50447
Checksums-Sha1:
 dba872f136ea954bf692e615e468076ef5d50e04 13605 pillow_7.0.0-4ubuntu0.8_amd64.buildinfo
 31b198bab6fc718679c4407581acfab8ba3f6ecb 411312 python-pil-doc_7.0.0-4ubuntu0.8_all.deb
 3949f868e78110bafbea1af7d19e20598488fe8c 1279824 python3-pil-dbg_7.0.0-4ubuntu0.8_amd64.deb
 da220680c9c5e61353dfe2724e28137b56925687 35812 python3-pil.imagetk-dbg_7.0.0-4ubuntu0.8_amd64.deb
 841774d04906fa7b03556be06d6c3d8d5809e790 8700 python3-pil.imagetk_7.0.0-4ubuntu0.8_amd64.deb
 c5147fbbdf710965a1b453f8f9a16f233dad1022 366768 python3-pil_7.0.0-4ubuntu0.8_amd64.deb
Checksums-Sha256:
 62ca3ab61c15121b16379d7d0648c89cbde55ef7c58a2eb1ed2bf33fbbf874ff 13605 pillow_7.0.0-4ubuntu0.8_amd64.buildinfo
 d117102087801061971b86b906099bb9e16766a21aab082e9cee45ef427fcc43 411312 python-pil-doc_7.0.0-4ubuntu0.8_all.deb
 a4f225390d789753bd476b259aa17c0602769dfea08a54745fcb86f16d1c818c 1279824 python3-pil-dbg_7.0.0-4ubuntu0.8_amd64.deb
 5afdf56eab3d006d4cd6c6d3e2820e01d0ce395ea51424cf54da058d7fcca2a2 35812 python3-pil.imagetk-dbg_7.0.0-4ubuntu0.8_amd64.deb
 c2e9ddbd68259af6c79b2325b6a1e042d962c9fcaeba0736379e6c3ab2a4d890 8700 python3-pil.imagetk_7.0.0-4ubuntu0.8_amd64.deb
 fd55177694a1c8c946a01aa2933daa1e30df447901d6ad6d5a5b97deb3750b9f 366768 python3-pil_7.0.0-4ubuntu0.8_amd64.deb
Files:
 d2116167f8862302ef292efa6af5ed74 13605 python optional pillow_7.0.0-4ubuntu0.8_amd64.buildinfo
 a81fd9d70c473d267903e4be8edf3c29 411312 doc optional python-pil-doc_7.0.0-4ubuntu0.8_all.deb
 e8b83f63951605bf1a49b4c79d5ed9b2 1279824 debug optional python3-pil-dbg_7.0.0-4ubuntu0.8_amd64.deb
 3309def267ac38516b5d45162ab5beae 35812 debug optional python3-pil.imagetk-dbg_7.0.0-4ubuntu0.8_amd64.deb
 c8e9501712de005fbde0d7cf505dca80 8700 python optional python3-pil.imagetk_7.0.0-4ubuntu0.8_amd64.deb
 f76bfb4cc1f9953731f0b7be9fc58dbf 366768 python optional python3-pil_7.0.0-4ubuntu0.8_amd64.deb
Original-Maintainer: Matthias Klose <doko@debian.org>