Overview
Request 877608 accepted
- update to 8.1.2:
- Fix Memory DOS in BLP (CVE-2021-27921), ICNS (CVE-2021-27922) and ICO (CVE-2021-27923) Image Plugins
- Update to 8.1.1
Security
* CVE-2021-25289: The previous fix for CVE-2020-35654 was insufficent due to incorrect error checking in TiffDecode.c.
* CVE-2021-25290: In TiffDecode.c, there is a negative-offset memcpy with an invalid size
* CVE-2021-25291: In TiffDecode.c, invalid tile boundaries could lead to an OOB Read in TiffReadRGBATile
* CVE-2021-25292: The PDF parser has a catastrophic backtracking regex that could be used as a DOS attack.
* CVE-2021-25293: There is an Out of Bounds Read in SGIRleDecode.c, since pillow 4.3.0.
There is an Exhaustion of Memory DOS in the ICNS, ICO, and BLP container formats where Pillow
did not properly check the reported size of the contained image. These images could cause
arbitrariliy large memory allocations. This was reported by Jiayi Lin, Luke Shaffer, Xinran Xie,
and Akshay Ajayan of ASU.edu.
Other Changes
A crash with the feature flags for LibJpeg and Webp on unreleased Python 3.10 has been fixed
- Created by dirkmueller
- In state accepted
- Supersedes 876566
Changelog and rpmlint error need correcting, %ifpython3 needs removing
Request History
dirkmueller created request
- update to 8.1.2:
- Fix Memory DOS in BLP (CVE-2021-27921), ICNS (CVE-2021-27922) and ICO (CVE-2021-27923) Image Plugins
- Update to 8.1.1
Security
* CVE-2021-25289: The previous fix for CVE-2020-35654 was insufficent due to incorrect error checking in TiffDecode.c.
* CVE-2021-25290: In TiffDecode.c, there is a negative-offset memcpy with an invalid size
* CVE-2021-25291: In TiffDecode.c, invalid tile boundaries could lead to an OOB Read in TiffReadRGBATile
* CVE-2021-25292: The PDF parser has a catastrophic backtracking regex that could be used as a DOS attack.
* CVE-2021-25293: There is an Out of Bounds Read in SGIRleDecode.c, since pillow 4.3.0.
There is an Exhaustion of Memory DOS in the ICNS, ICO, and BLP container formats where Pillow
did not properly check the reported size of the contained image. These images could cause
arbitrariliy large memory allocations. This was reported by Jiayi Lin, Luke Shaffer, Xinran Xie,
and Akshay Ajayan of ASU.edu.
Other Changes
A crash with the feature flags for LibJpeg and Webp on unreleased Python 3.10 has been fixed
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
dimstar_suse set openSUSE:Factory:Staging:E as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:E"
dimstar_suse accepted review
Picked "openSUSE:Factory:Staging:E"
dimstar accepted review
dimstar_suse accepted review
Staging Project openSUSE:Factory:Staging:E got accepted.
dimstar_suse approved review
Staging Project openSUSE:Factory:Staging:E got accepted.
dimstar_suse accepted request
Staging Project openSUSE:Factory:Staging:E got accepted.