[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 422-1] python-imaging security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : python-imaging
Version        : 1.1.7-2+deb6u2
CVE ID         : CVE-2016-0775
Debian Bug     : 813909


Two buffer overflows were discovered in python-imaging, a Python
library for loading and manipulating image files, which may lead to
the execution of arbitrary code.


CVE-2016-0775
	Buffer overflow in FliDecode.c

The second buffer overflow was in PcdDecode.c. A CVE identifier has
not been assigned yet.

For Debian 6 "Squeeze", these problems have been fixed in version
1.1.7-2+deb6u2.

We recommend that you upgrade your python-imaging packages.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQJ8BAEBCgBmBQJWycQQXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE
OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkpOIQAMmjH8cwtmnjUxmoiSy6vuLM
tgh77twMB9JJ4FC9D8TOdPZnH2Y5tYCYIut/JTbb+w5KBQG3mFus0ZxPrlWhz7XF
wSD9/iMSH9UMrpiKINyklHGv7acGdOwupYtYBC0f3jijQMUJzrEHDkkv1xGSokEu
9NO4Vwwj32qAO0BO+KH9sJDzzVlI6LNyk2laVQsKcYnCTjLIKtnlRcVKuI4GMKui
m9hHlqTB+1GRZzKJ4LfBTF1qxdctQRSWBPquZaPiRdeNNAkZ4p53nb879jQRAFov
u2gWhloC55ehahD98GTW61m9n6ljvkrYsf9bwS99wUZ498lhIAHaArZWhTCKMy65
P4TOAF0YcD+6XGjNJrKgLgscwMbkc/IfgXfH7RNM3OI5IGtUxDxNLiMOtHJzMJ6D
8ZSzlmpRbryM4OXp5eKsbhUHxZc2BPpA+y3XPdYoNhnFFt8V2efuf5Fwj/oWUKn5
T32/MXEYs757R2b3u76Y+bx0QeLNuQcZozcYVQMuk4BQ6T52a9Fg6CQpQz8jJU0R
fKWbPHpnN8B0H+iRxItNP7i63sEFzkaUVItCVRpmSpSDogFVw0bToWgWOYzmHZHr
BoGvQTJa1SVzHGLOjTW3hciSb/CruBc32qmRCy1f8SjFjeunElftww9kXhSHs8CX
Q37oxuzYmNaN+MIQCwtV
=3Dcb
-----END PGP SIGNATURE-----


Reply to: