-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2015:099 http://www.mandriva.com/en/support/security/ _______________________________________________________________________ Package : python-pillow Date : March 28, 2015 Affected: Business Server 2.0 _______________________________________________________________________ Problem Description: Updated python-imaging packages fix security vulnerabilities: Jakub Wilk discovered that temporary files were insecurely created (via mktemp()) in the IptcImagePlugin.py, Image.py, JpegImagePlugin.py, and EpsImagePlugin.py files of Python Imaging Library. A local attacker could use this flaw to perform a symbolic link attack to modify an arbitrary file accessible to the user running an application that uses the Python Imaging Library (CVE-2014-1932). Jakub Wilk discovered that temporary files created in the JpegImagePlugin.py and EpsImagePlugin.py files of the Python Imaging Library were passed to an external process. These could be viewed on the command line, allowing an attacker to obtain the name and possibly perform symbolic link attacks, allowing them to modify an arbitrary file accessible to the user running an application that uses the Python Imaging Library (CVE-2014-1933). The Python Imaging Library is vulnerable to a denial of service attack in the IcnsImagePlugin (CVE-2014-3589). Python Image Library (PIL) 1.1.7 and earlier and Pillow 2.3 might allow remote attackers to execute arbitrary commands via shell metacharacters, due to an incomplete fix for CVE-2014-1932 (CVE-2014-3007). Pillow before 2.7.0 and 2.6.2 allows remote attackers to cause a denial of service via a compressed text chunk in a PNG image that has a large size when it is decompressed (CVE-2014-9601). _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1932 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1933 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3007 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9601 http://advisories.mageia.org/MGASA-2014-0159.html http://advisories.mageia.org/MGASA-2014-0343.html http://advisories.mageia.org/MGASA-2014-0476.html http://advisories.mageia.org/MGASA-2015-0039.html _______________________________________________________________________ Updated Packages: Mandriva Business Server 2/X86_64: 851eb58425ac5564e505233acd49e147 mbs2/x86_64/python3-pillow-2.6.2-1.1.mbs2.x86_64.rpm a24beaf54149ec5049cc215908c9a5ce mbs2/x86_64/python3-pillow-devel-2.6.2-1.1.mbs2.x86_64.rpm 5d6155bdef86b902c346cf11c55dceee mbs2/x86_64/python3-pillow-doc-2.6.2-1.1.mbs2.noarch.rpm 5727dc1b952f8d8e4214887c5f19f1e1 mbs2/x86_64/python3-pillow-sane-2.6.2-1.1.mbs2.x86_64.rpm 5d72610503946bfd2a3e5bb9f5aba317 mbs2/x86_64/python3-pillow-tk-2.6.2-1.1.mbs2.x86_64.rpm ff25c3184b79c98affb7c287ed6bf810 mbs2/x86_64/python-pillow-2.6.2-1.1.mbs2.x86_64.rpm b64e67fd59fbaed0a454134d8c5093b4 mbs2/x86_64/python-pillow-devel-2.6.2-1.1.mbs2.x86_64.rpm 84bac4da63c5a44bb49c353e9019ad2d mbs2/x86_64/python-pillow-doc-2.6.2-1.1.mbs2.noarch.rpm 8b567267acc437c0ebad1aeb8f85bb55 mbs2/x86_64/python-pillow-sane-2.6.2-1.1.mbs2.x86_64.rpm b1750dd703813d162291db4f34e077eb mbs2/x86_64/python-pillow-tk-2.6.2-1.1.mbs2.x86_64.rpm 38024e50a951ebae0a6f670aed5a8b47 mbs2/SRPMS/python-pillow-2.6.2-1.1.mbs2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/en/support/security/advisories/ If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQFVFn70mqjQ0CJFipgRAijaAKCTIyac5ApvxzxZ//qQJDsnz8YPGACgruKo LTTw2e4UyqR4Vq8nItlLmcw= =DRbE -----END PGP SIGNATURE-----