Debian Security Advisory

DLA-705-1 python-imaging -- LTS security update

Date Reported:

07 Nov 2016

Affected Packages:

python-imaging

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2016-9189, CVE-2016-9190.

More information:

It was discovered that there were a number of memory overflow issues in in python-imaging, a Python image manipulation library.

For Debian 7 Wheezy, this issue has been fixed in python-imaging version 1.1.7-4+deb7u3.

We recommend that you upgrade your python-imaging packages.