File _patchinfo of Package patchinfo.33801

<patchinfo incident="33801">
  <issue tracker="cve" id="2021-28675"/>
  <issue tracker="cve" id="2021-25287"/>
  <issue tracker="cve" id="2021-28678"/>
  <issue tracker="cve" id="2021-28676"/>
  <issue tracker="cve" id="2021-25288"/>
  <issue tracker="cve" id="2021-28677"/>
  <issue tracker="bnc" id="1185786">VUL-0: CVE-2021-28676: python-Pillow: infinite loop in FliDecode.c can lead to DoS</issue>
  <issue tracker="bnc" id="1185805">VUL-0: CVE-2021-25287: python-Pillow: out-of-bounds read in J2kDecode in j2ku_graya_la</issue>
  <issue tracker="bnc" id="1185804">VUL-0: CVE-2021-28675: python-Pillow: DoS in PsdImagePlugin</issue>
  <issue tracker="bnc" id="1185785">VUL-0: CVE-2021-28677: python-Pillow: DoS in the open phase via a malicious EPS file</issue>
  <issue tracker="bnc" id="1185784">VUL-0: CVE-2021-28678: python-Pillow: improper check in BlpImagePlugin can lead to DoS</issue>
  <issue tracker="bnc" id="1185803">VUL-0: CVE-2021-25288: python-Pillow: out-of-bounds read in J2kDecode in j2ku_gray_i</issue>
  <packager>dgarcia</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for python-Pillow</summary>
  <description>This update for python-Pillow fixes the following issues:

- CVE-2021-25287: out-of-bounds read in J2kDecode in j2ku_graya_la (bsc#1185805)
- CVE-2021-25288: out-of-bounds read in J2kDecode in j2ku_gray_i (bsc#1185803)
- CVE-2021-28675: DoS in PsdImagePlugin (bsc#1185804)
- CVE-2021-28676: infinite loop in FliDecode.c can lead to DoS (bsc#1185786)
- CVE-2021-28677: DoS in the open phase via a malicious EPS file (bsc#1185785)
- CVE-2021-28678: improper check in BlpImagePlugin can lead to DoS (bsc#1185784)
</description>
</patchinfo>