MGASA-2016-0066
- Source
- https://advisories.mageia.org/MGASA-2016-0066.html
- Import Source
- https://advisories.mageia.org/MGASA-2016-0066.json
- JSON Data
- https://api.osv.dev/v1/vulns/MGASA-2016-0066
- Related
- Published
- 2016-02-17T19:06:01Z
- Modified
- 2016-02-17T18:24:45Z
- Summary
- Updated python-pillow packages fix security vulnerability
- Details
-
A buffer overflow in TiffDecode.c causing an arbitrary amount of memory to be overwritten when opening a specially crafted invalid TIFF file (CVE-2016-0740).
A buffer overflow in FliDecode.c causing a segfault when opening FLI files (CVE-2016-0775).
A buffer overflow in PcdDecode.c causing a segfault when opening PhotoCD files.
- References
-
- https://advisories.mageia.org/MGASA-2016-0066.html
- https://bugs.mageia.org/show_bug.cgi?id=17671
- http://openwall.com/lists/oss-security/2016/02/02/5
- https://github.com/python-pillow/Pillow/blob/777ef4f523679a9ea0f3573efc224bf821b6abe7/docs/releasenotes/3.1.1.rst
- https://lists.fedoraproject.org/pipermail/package-announce/2016-February/176983.html
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:5 / python-pillow
Package
- Name
- python-pillow
- Purl
- pkg:rpm/mageia/python-pillow?distro=mageia-5