Debian Security Advisory 4631-1

Debian Security Advisory 4631-1: Posted Feb 28, 2020; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4631-1 - Multiple security issues were discovered in Pillow, a Python imaging library, which could result in denial of service and potentially the execution of arbitrary code if malformed PCX, FLI, SGI or TIFF images are processed.; tags | advisory, denial of service, arbitrary, python; systems | linux, debian; advisories | CVE-2019-16865, CVE-2019-19911, CVE-2020-5311, CVE-2020-5312, CVE-2020-5313; SHA-256 | 672a8a4e95e604dea700f5a873d7d479e1ba2dc4114bd73eddf87bc4c9fac27f; Download | Favorite | View

Debian Security Advisory 4631-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4631-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
February 21, 2020                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : pillow
CVE ID         : CVE-2019-16865 CVE-2019-19911 CVE-2020-5311
                 CVE-2020-5312  CVE-2020-5313

Multiple security issues were discovered in Pillow, a Python imaging
library, which could result in denial of service and potentially the
execution of arbitrary code if malformed PCX, FLI, SGI or TIFF images
are processed.

For the oldstable distribution (stretch), these problems have been fixed
in version 4.0.0-4+deb9u1.

For the stable distribution (buster), these problems have been fixed in
version 5.4.1-2+deb10u1.

We recommend that you upgrade your pillow packages.

For the detailed security status of pillow please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/pillow

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl5QOzIACgkQEMKTtsN8
TjZzcg//eThj2Y9H99WWjofkjBkdatYwRdvjSonoBrJrCrz9QUVxXA/iNW/iq9yP
malKasWb4B4CqZhsOsJM3qF5nRb7UYvFR4RW5On/Q3pvtV4Gb5MoT+/e6yurKXmF
3mDh3NP52zpb5TECiIr8FicGz1oh5ouChwDUUAIuUTdbtR/gi8zzmaK+eE2XeGVD
4ZVyI+W/cj/57emvOtz1aBbEJZ8eNvrslDS5wCfOdGnixcZSDAfUWKUQmgAjZ0NQ
oH5AeHK6uAnrFFpaTv/o8SkTJJl8ciNO/XM42vfTO1qpVXsBMxAWrU6HrLITo5Y3
SSI1VV/2YBQLnzrwFBkLA+Eeo3v4z7bv1Z+4AGKfPDiw7s2BQ4yaQ+TiW64AfGNr
oIwEiQCO78EjcoMURfuypbqBZjC38TXMUk7nh6Yq5cOU9HY49TN1JlBPIfqot4A3
hBblu/eNhNeTuJESXkFWgFJcyym2g53QN8dUPs9vWMJuRy9bDn3HOAeFaXAsYkvG
WCn0BOS/GR+I1EH06gPszl65a1bVZo2TkEOhTKfvxHqtrNsfXVdhJzmjiOJrSbb6
7ZKNTicdmdBM5MQ9QL0FqMztOVWPmslqMJ0GILez4NBKXQKppOn6yABzkKDQS79b
7YgeXVatItdO/fJBKx3+/LCux3BOD+pLgCwJj3pXvW2XXcPWyYk=
=Wbg1
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 242 files
Ubuntu 52 files
Debian 22 files
LiquidWorm 15 files
Apple 9 files
Gentoo 8 files
Google Security Research 3 files
Alter Prime 3 files
Pierre Kim 2 files
Jann Horn 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,166)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,960)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,344)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,989)
UNIX (9,475)
UnixWare (188)
Windows (6,784)
Other

Debian Security Advisory 4631-1

Debian Security Advisory 4631-1

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 4631-1

Share This

Debian Security Advisory 4631-1

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems