exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Debian Security Advisory 4631-1

Debian Security Advisory 4631-1
Posted Feb 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4631-1 - Multiple security issues were discovered in Pillow, a Python imaging library, which could result in denial of service and potentially the execution of arbitrary code if malformed PCX, FLI, SGI or TIFF images are processed.

tags | advisory, denial of service, arbitrary, python
systems | linux, debian
advisories | CVE-2019-16865, CVE-2019-19911, CVE-2020-5311, CVE-2020-5312, CVE-2020-5313
SHA-256 | 672a8a4e95e604dea700f5a873d7d479e1ba2dc4114bd73eddf87bc4c9fac27f

Debian Security Advisory 4631-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4631-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
February 21, 2020 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : pillow
CVE ID : CVE-2019-16865 CVE-2019-19911 CVE-2020-5311
CVE-2020-5312 CVE-2020-5313

Multiple security issues were discovered in Pillow, a Python imaging
library, which could result in denial of service and potentially the
execution of arbitrary code if malformed PCX, FLI, SGI or TIFF images
are processed.

For the oldstable distribution (stretch), these problems have been fixed
in version 4.0.0-4+deb9u1.

For the stable distribution (buster), these problems have been fixed in
version 5.4.1-2+deb10u1.

We recommend that you upgrade your pillow packages.

For the detailed security status of pillow please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/pillow

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl5QOzIACgkQEMKTtsN8
TjZzcg//eThj2Y9H99WWjofkjBkdatYwRdvjSonoBrJrCrz9QUVxXA/iNW/iq9yP
malKasWb4B4CqZhsOsJM3qF5nRb7UYvFR4RW5On/Q3pvtV4Gb5MoT+/e6yurKXmF
3mDh3NP52zpb5TECiIr8FicGz1oh5ouChwDUUAIuUTdbtR/gi8zzmaK+eE2XeGVD
4ZVyI+W/cj/57emvOtz1aBbEJZ8eNvrslDS5wCfOdGnixcZSDAfUWKUQmgAjZ0NQ
oH5AeHK6uAnrFFpaTv/o8SkTJJl8ciNO/XM42vfTO1qpVXsBMxAWrU6HrLITo5Y3
SSI1VV/2YBQLnzrwFBkLA+Eeo3v4z7bv1Z+4AGKfPDiw7s2BQ4yaQ+TiW64AfGNr
oIwEiQCO78EjcoMURfuypbqBZjC38TXMUk7nh6Yq5cOU9HY49TN1JlBPIfqot4A3
hBblu/eNhNeTuJESXkFWgFJcyym2g53QN8dUPs9vWMJuRy9bDn3HOAeFaXAsYkvG
WCn0BOS/GR+I1EH06gPszl65a1bVZo2TkEOhTKfvxHqtrNsfXVdhJzmjiOJrSbb6
7ZKNTicdmdBM5MQ9QL0FqMztOVWPmslqMJ0GILez4NBKXQKppOn6yABzkKDQS79b
7YgeXVatItdO/fJBKx3+/LCux3BOD+pLgCwJj3pXvW2XXcPWyYk=
=Wbg1
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close