-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 06 Jan 2020 16:31:19 +0000 Source: pillow Binary: python-pil python-pil-dbg python-pil.imagetk python-pil.imagetk-dbg python-imaging-tk python-sane python-sane-dbg python3-pil python3-pil-dbg python3-pil.imagetk python3-pil.imagetk-dbg python3-sane python3-sane-dbg python-pil-doc python-imaging Architecture: source all amd64 Version: 2.6.1-2+deb8u4 Distribution: jessie-security Urgency: high Maintainer: Matthias Klose <doko@debian.org> Changed-By: Chris Lamb <lamby@debian.org> Description: python-imaging - Python Imaging Library compatibility layer python-imaging-tk - transitional dummy package for smooth upgrades to python-pil.imag python-pil - Python Imaging Library (Pillow fork) python-pil-dbg - Python Imaging Library (debug extension) python-pil-doc - Examples for the Python Imaging Library python-pil.imagetk - Python Imaging Library - ImageTk Module (Pillow fork) python-pil.imagetk-dbg - Python Imaging Library - ImageTk Module (debug extension) python-sane - Python Imaging Library - SANE interface (Pillow fork) python-sane-dbg - Python Imaging Library - SANE interface (debug extension) python3-pil - Python Imaging Library (Python3) python3-pil-dbg - Python Imaging Library (Python3 debug extension) python3-pil.imagetk - Python Imaging Library - ImageTk Module (Python3) python3-pil.imagetk-dbg - Python Imaging Library - ImageTk Module (Python3 debug extension) python3-sane - Python Imaging Library - SANE interface (Python3) python3-sane-dbg - Python Imaging Library - SANE interface (Python3 debug extension) Closes: 948224 Changes: pillow (2.6.1-2+deb8u4) jessie-security; urgency=high . * CVE-2019-19911: Prevent a denial-of-service vulnerability caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the number of bands is large. (Closes: #948224) * CVE-2020-5312: PCX "P mode" buffer overflow. (Closes: #948224) * CVE-2020-5313: FLI buffer overflow. (Closes: #948224) Checksums-Sha1: 8b8b925126a355a3656dc902ad981e66c4c6a3d4 3010 pillow_2.6.1-2+deb8u4.dsc 1f2d7e2a88cb59664fa61d3d360f4e1c624dc6ad 7299315 pillow_2.6.1.orig.tar.gz 572c38271baa77fe9b780ea2e95737cc58bff30e 218328 pillow_2.6.1-2+deb8u4.debian.tar.xz 0a2377ca7c070999179e5d2ede8151b82eabb580 8394 python-imaging-tk_2.6.1-2+deb8u4_all.deb 1f49b7874fd401e8dfe293abea00909b8e058f06 19830 python-pil-doc_2.6.1-2+deb8u4_all.deb 1c25fdf44f716a02476476728b29f1c48c653acb 10024 python-imaging_2.6.1-2+deb8u4_all.deb 8bc7c67c97dad8d6fd6455c790db43929e670dad 304916 python-pil_2.6.1-2+deb8u4_amd64.deb 9c7ec6714ae4615d62fa005b10ad42703b787908 437544 python-pil-dbg_2.6.1-2+deb8u4_amd64.deb 534b56a63df1a5d49afc99b904b78e2f003fe3f1 14004 python-pil.imagetk_2.6.1-2+deb8u4_amd64.deb ad59e30a1110679ecfa9ffc85fdd66e23c3fa820 13116 python-pil.imagetk-dbg_2.6.1-2+deb8u4_amd64.deb eb39901909c47f0837018d96fccf430d8b3b42d4 25198 python-sane_2.6.1-2+deb8u4_amd64.deb 8d401bc82cf21447b2a90b5afa2a5ac6929e325f 29802 python-sane-dbg_2.6.1-2+deb8u4_amd64.deb 8e02da70bf00b1af1b6327ee87b71de7160b1820 304994 python3-pil_2.6.1-2+deb8u4_amd64.deb d774576bf42683587822d6c971d5d9b005ac43fa 442838 python3-pil-dbg_2.6.1-2+deb8u4_amd64.deb 0d7ae0ba44b393a2868daccf74edc738f025b784 14070 python3-pil.imagetk_2.6.1-2+deb8u4_amd64.deb d5a9354a3678d36c03a0658a0a083a3d7848dce7 12996 python3-pil.imagetk-dbg_2.6.1-2+deb8u4_amd64.deb 0f1accd6fe3ce4334100d0e7b990d8537a149c28 20900 python3-sane_2.6.1-2+deb8u4_amd64.deb 6613481633bceb3e533b5894674bddaa2febf979 30890 python3-sane-dbg_2.6.1-2+deb8u4_amd64.deb Checksums-Sha256: e7bc51a8e1a1dd99fa605adb9c42fbb8b30f9c2a92aa01c90d7fac91274908b9 3010 pillow_2.6.1-2+deb8u4.dsc 78647bc8980c98f9d57659083c7a7e30d6a8bdd2c385f5b250f301e85a6acbad 7299315 pillow_2.6.1.orig.tar.gz 9be9f122f6bffce33e2fc001bf7e6f1e50c724b456acb5029d9a4b4f2fb98e80 218328 pillow_2.6.1-2+deb8u4.debian.tar.xz 939b5b09b4873aba5403a506f0af0ceef1691edf3ebcb0ea149e4abede6f1123 8394 python-imaging-tk_2.6.1-2+deb8u4_all.deb fcd53e656d27b8d58d3962158b2dfb9cac08de81a9cf7e2132a269cf98b055f8 19830 python-pil-doc_2.6.1-2+deb8u4_all.deb 49e3f41a719f1577777205c7a29c5242b3065c0f8483ad735a97f80de7043020 10024 python-imaging_2.6.1-2+deb8u4_all.deb 389ff116db58a40a467ad8a6f50c780bf418fc5d12b5cb6c42ca8ddb7e55ba57 304916 python-pil_2.6.1-2+deb8u4_amd64.deb 365faf39a3e4d259dc8e49032ac7bfbe61921b6a5a23261e40da0d75e7eca536 437544 python-pil-dbg_2.6.1-2+deb8u4_amd64.deb dad68e1a220dffe14e249e92f28eaeb75e0fa9339e94a9fbfbb23d7211fc3035 14004 python-pil.imagetk_2.6.1-2+deb8u4_amd64.deb 1e9e92d37318b6122da1a4e40ccdbc0023d1dfcd61470b4fec29252ef34d0b9e 13116 python-pil.imagetk-dbg_2.6.1-2+deb8u4_amd64.deb aba6df111208a5e50494849decec20424db5d2ec4eb65e28de0e9cdb7f520ed3 25198 python-sane_2.6.1-2+deb8u4_amd64.deb 97d7d3c43cb253415c8e843f804b527f1b61980d0e2bd7cc526fa2054b9f064a 29802 python-sane-dbg_2.6.1-2+deb8u4_amd64.deb f45552e380fbb1fc38e8b1d6fcf4c4476649f7d8344b3d1cbe36e7ba4613cc01 304994 python3-pil_2.6.1-2+deb8u4_amd64.deb be9b984023b42dfb4785618abca5eef594ecd34a5a75580c203d1d43077fdc04 442838 python3-pil-dbg_2.6.1-2+deb8u4_amd64.deb 9ffb185fbcefdd54237e8deec20936aab208927a0656f477d7ad192c73dbfcca 14070 python3-pil.imagetk_2.6.1-2+deb8u4_amd64.deb 27e413a1f4c683d90f556e95ef0fada6f80ec239c46e6cff87885ef56f3a383a 12996 python3-pil.imagetk-dbg_2.6.1-2+deb8u4_amd64.deb 8ec24005c90d1f3b1c804d12c9daa801a4814038bb172e38acbcfb5c07c76de5 20900 python3-sane_2.6.1-2+deb8u4_amd64.deb abb7a329ab376942027d6ea0c86e57ec5e9b37af2736acc638020856d54451ee 30890 python3-sane-dbg_2.6.1-2+deb8u4_amd64.deb Files: d614bcff5f09872e0fbe1919a65dc5fc 3010 python optional pillow_2.6.1-2+deb8u4.dsc 13932baf686e2b35f604ef5cdc7742f5 7299315 python optional pillow_2.6.1.orig.tar.gz ee94c0d8a49fcdc2c67d722940e4ba4f 218328 python optional pillow_2.6.1-2+deb8u4.debian.tar.xz 9a6c77891528c1b1c94a05256b834733 8394 python optional python-imaging-tk_2.6.1-2+deb8u4_all.deb 6761d90833dd3c530bc73722c874d0c2 19830 doc optional python-pil-doc_2.6.1-2+deb8u4_all.deb 84c0ca09c4ce92b5def8a06d21084e6f 10024 python optional python-imaging_2.6.1-2+deb8u4_all.deb 545ad11233b2f7d4dde0b7cee486bf79 304916 python optional python-pil_2.6.1-2+deb8u4_amd64.deb 66939867b6678701a8935af471a2ca90 437544 debug extra python-pil-dbg_2.6.1-2+deb8u4_amd64.deb d53fddb7694876f79ef9b21768e35e05 14004 python optional python-pil.imagetk_2.6.1-2+deb8u4_amd64.deb 3b404637d02f755f1d6237c5e20694b2 13116 debug extra python-pil.imagetk-dbg_2.6.1-2+deb8u4_amd64.deb 59f980aa0cb0a96dce5bd4c33c70c0d2 25198 python optional python-sane_2.6.1-2+deb8u4_amd64.deb a4bf4149a4d78ee55084df54fb784f9b 29802 debug extra python-sane-dbg_2.6.1-2+deb8u4_amd64.deb b3a536e8cef0b20ad5418b2637eae571 304994 python optional python3-pil_2.6.1-2+deb8u4_amd64.deb d288b560e9067663e1f9d2f726e24348 442838 debug extra python3-pil-dbg_2.6.1-2+deb8u4_amd64.deb fd392bf03968010582b25a657760a70a 14070 python optional python3-pil.imagetk_2.6.1-2+deb8u4_amd64.deb 16840b96220a9fee60066cab3c8a3d25 12996 debug extra python3-pil.imagetk-dbg_2.6.1-2+deb8u4_amd64.deb f7c2387fac8e50e1de825c29309a8eba 20900 python optional python3-sane_2.6.1-2+deb8u4_amd64.deb c8a0dc9faa6ed20e4fca29fcbad08831 30890 debug extra python3-sane-dbg_2.6.1-2+deb8u4_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl4TZYgACgkQHpU+J9Qx HlhsnhAAq9sMq2SX67y1QfKtGg5k0oCyvenDnnETV6ptMtArJJWgQG6VRK8gPcKq 3+sA94xm8f0A79tXfHsYiGq0yBM1fDo5xooh1cbJKJ+Lkwe5wve0DPuoiPsF7Jit foL52OS/Si4sBwXsTw2Z2kH3CJ62yY+eWVj2WbCdUTVbWPIC6uibxP2ud/jMd8GG 3KPOwmXMdgCKeuDZpnEuu8oenuARoDc9fLqmugVo5vizmM5MCfheHeh7ZwhapZ3A QircqJSUgTfk2rZUAWnF8zLUzkR1XBWIVnX7bNh68uAtJdEd+SRNlhLEAH5XNiJ4 wjNvvk7pVRZyrAmqL5PVDMgnp6tQhZhCHMgxy3dlRgFaBxfiBDmyXgZKCkGV2X4Z Kpxh0PMWtAYhwxHNTqaHqwONRDGxr5xG0jPqFX/AdoVnF/aXrQvvgYzv5WCUb5EA NjE8LozRC0MO88OQVcatHe1W5scDixbc/IBWiFvACH0wTccdiuLOTkmj2IrIX07m /2mjFwBzXx4FUbGUEe3YgyV+GMy83MykdJVLTztDjR0aDdrfVpxlQUWnqJOAflPv nkm2+Xlvmd33pcEWER/kut+mEsWu+X0xc3ah9Zj+S36JEcngDC/VsIKxF8N2T8O0 eZGMVO1kW/IvzS1FECGbHtOtWH/I94YxsZYCBS6aClpRhEYn1hA= =yhFA -----END PGP SIGNATURE-----