Debian Security Advisory
DLA-422-1 python-imaging -- LTS security update
- Date Reported: 21 Feb 2016
- Affected Packages:
- Security database references: In the Debian bugtracking system: Bug 813909. In Mitre's CVE dictionary: CVE-2016-0775.
- More information:
Two buffer overflows were discovered in python-imaging, a Python library for loading and manipulating image files, which may lead to the execution of arbitrary code.
Buffer overflow in FliDecode.c
The second buffer overflow was in PcdDecode.c. A CVE identifier has not been assigned yet.
For Debian 6 Squeeze, these problems have been fixed in version 1.1.7-2+deb6u2.
We recommend that you upgrade your python-imaging packages.