Overview Details Repositories Revisions Requests Users Attributes Meta
Security update for python-Pillow

This update for python-Pillow fixes the following issues:

- backport security fixes from 3.1.1 (Pillow-overflows.patch):
* Fixed an integer overflow in Resample.c causing writes in the Python heap.
* Fixed a buffer overflow in PcdDecode.c causing a segfault when opening
PhotoCD files. CVE-2016-TBD
* Fixed a buffer overflow in FliDecode.c causing a segfault when opening
FLI files. CVE-2016-0775 (fixes boo#965582)
* Fixed a buffer overflow in TiffDecode.c causing an arbitrary amount of
memory to be overwritten when opening a specially crafted invalid TIFF
file. CVE-2016-0740 (fixes boo#965579)

Fixed bugs
bnc#965579
VUL-0: CVE-2016-0740: python-pillow: Integer overflow resulting in buffer overflow when reading invalid tiff file
bnc#965582
VUL-0: CVE-2016-0775: python-pillow: Buffer overflow in FliDecode.c
CVE-CVE-2016-0775
CVE-CVE-2016-0740
Selected Binaries
openSUSE Build Service is sponsored by
Places