File _patchinfo of Package patchinfo.33871

<patchinfo incident="33871">
  <issue tracker="cve" id="2021-25292"/>
  <issue tracker="cve" id="2021-23437"/>
  <issue tracker="cve" id="2020-35654"/>
  <issue tracker="cve" id="2021-27923"/>
  <issue tracker="cve" id="2021-25289"/>
  <issue tracker="cve" id="2021-27922"/>
  <issue tracker="cve" id="2021-25293"/>
  <issue tracker="cve" id="2022-22815"/>
  <issue tracker="cve" id="2021-27921"/>
  <issue tracker="cve" id="2021-25290"/>
  <issue tracker="cve" id="2021-34552"/>
  <issue tracker="cve" id="2022-22816"/>
  <issue tracker="bnc" id="1194551">VUL-1: CVE-2022-22816: python-Pillow: path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.</issue>
  <issue tracker="bnc" id="1180833">VUL-0: CVE-2020-35654: python-Pillow: TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files</issue>
  <issue tracker="bnc" id="1194552">VUL-1: CVE-2022-22815: python-Pillow: path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.</issue>
  <issue tracker="bnc" id="1183107">VUL-0: CVE-2021-27923: python-Pillow: reported size of a contained image is not properly checked for an ICO container</issue>
  <issue tracker="bnc" id="1183102">VUL-0: CVE-2021-25293: python-Pillow: out-of-bounds read in SGIRleDecode.c</issue>
  <issue tracker="bnc" id="1183101">VUL-0: CVE-2021-25292: python-Pillow: backtracking regex in PDF parser could be used as a DOS attack</issue>
  <issue tracker="bnc" id="1183103">VUL-0: CVE-2021-25289: python-Pillow: insufficient fix for  due to incorrect error checking in TiffDecode.c</issue>
  <issue tracker="bnc" id="1183108">VUL-0: CVE-2021-27922: python-Pillow: reported size of a contained image is not properly checked for an ICNS container</issue>
  <issue tracker="bnc" id="1188574">VUL-0: CVE-2021-34552: python-Pillow: buffer overflow in Convert.c</issue>
  <issue tracker="bnc" id="1183110">VUL-0: CVE-2021-27921: python-Pillow: reported size of a contained image is not properly checked for a BLP container</issue>
  <issue tracker="bnc" id="1183105">VUL-0: CVE-2021-25290: python-Pillow: negative-offset memcpy with an invalid size in TiffDecode.c</issue>
  <issue tracker="bnc" id="1190229">VUL-0: CVE-2021-23437: python-Pillow: Regular Expression Denial of Service (ReDoS) via the getrgb function</issue>
  <packager>dgarcia</packager>
  <rating>critical</rating>
  <category>security</category>
  <summary>Security update for python-Pillow</summary>
  <description>This update for python-Pillow fixes the following issues:

- Fixed ImagePath.Path array handling (bsc#1194552, CVE-2022-22815, bsc#1194551, CVE-2022-22816)
- Use snprintf instead of sprintf (bsc#1188574, CVE-2021-34552)
- Fix Memory DOS in Icns, Ico and Blp Image Plugins (bsc#1183110, CVE-2021-27921, bsc#1183108, CVE-2021-27922, bsc#1183107, CVE-2021-27923)
- Fix OOB read in SgiRleDecode.c (bsc#1183102, CVE-2021-25293)
- Use more specific regex chars to prevent ReDoS (bsc#1183101, CVE-2021-25292)
- Fix negative size read in TiffDecode.c (bsc#1183105, CVE-2021-25290)
- Raise ValueError if color specifier is too long (bsc#1190229, CVE-2021-23437)
- Incorrect error code checking in TiffDecode.c (bsc#1183103, CVE-2021-25289)
- OOB Write in TiffDecode.c (bsc#1180833, CVE-2020-35654)
</description>
</patchinfo>