[SECURITY] [DLA 2893-1] pillow security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2893-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Emilio Pozuelo Monfort
January 23, 2022 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : pillow
Version : 4.0.0-4+deb9u4
CVE ID : CVE-2022-22815 CVE-2022-22816 CVE-2022-22817
Multiple security issues were discovered in Pillow, a Python imaging
library, which could result in denial of service and potentially
the execution of arbitrary code if malformed images are processed.
For Debian 9 stretch, these problems have been fixed in version
4.0.0-4+deb9u4.
We recommend that you upgrade your pillow packages.
For the detailed security status of pillow please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/pillow
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmHtpVIACgkQnUbEiOQ2
gwJE8Q//VtB8hWMGokJyGDClqcHMOGGg1wQTMzuatgE1B0X5hB+vgeUIq1Lb12Fj
3wzy4yzk3bSNfdqXt4aIU8cN23JYvnh3zS8jFHCfqKjPLlS2r9qCnQBrdL5LgN77
/vZeiQv+LAJZ4WW4phkaW4QOPTvg6T2mU3wVBz0FxUEp8zVNa1+acL7LSFocfmnK
yWvS4AQv2VDOgH02qcgJrMH3Cnw2twrfGuv0N81uARN4MQb0cG3f1YiAF9hGqd4R
wVCi4rVjmuX9O8Bo8CQxnbyGkN8X+TH5ROxWgZBECxS2MgjRi5VfnE/fQS1h47ZT
Rfuc/x8rOgiXnYDuxRaQy4WSBPJZ9g+SSzEKiDl48N/sITMOHmjH9UrUAfh+ofIk
w5MfYf5hCX7Xkxrz4FIhDuQYm7d8zyY4ZJB2Q9SjjFbotGCYpBJfLakJsNQ21K+j
U3Ok2xSbBmhWe8yE8/wSEDC3RktvV7zXr/EVwsIIBSitr82tV/gkzRtiQUT3K17b
EVAjnLy+qcB+zQuAs8I3EN8AvYo5cwBCX7aCum+Mw8WICxsbuciVkZY7ezRUXzqT
ZTkZUIElsrXceiKpT8f8r4D5sXfL7KtUkzHfFXlRBq1QPlcalRWDuHCsPX+SH7kC
//+KQy3wbRLZ61Kvg+XxpSsyHwJ4JP7cZ92yNzLA4mx+9dLO1Nw=
=UNCB
-----END PGP SIGNATURE-----
Reply to: