Debian Security Advisory
DLA-41-1 python-imaging -- LTS security update
- Date Reported:
- 24 Aug 2014
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2014-3589.
- More information:
Andrew Drake discovered that missing input sanitising in the icns decoder of the Python Imaging Library could result in denial of service if a malformed image is processed.
For Debian 6
Squeeze, these issues have been fixed in python-imaging version 1.1.7-2+deb6u1