Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2024:1673-1

Опубликовано: 17 мая 2024
Источник: suse-cvrf

Описание

Security update for python-Pillow

This update for python-Pillow fixes the following issues:

  • Fixed ImagePath.Path array handling (bsc#1194552, CVE-2022-22815, bsc#1194551, CVE-2022-22816)
  • Use snprintf instead of sprintf (bsc#1188574, CVE-2021-34552)
  • Fix Memory DOS in Icns, Ico and Blp Image Plugins. (bsc#1183110, CVE-2021-27921, bsc#1183108, CVE-2021-27922, bsc#1183107, CVE-2021-27923)
  • Fix OOB read in SgiRleDecode.c (bsc#1183102, CVE-2021-25293)
  • Use more specific regex chars to prevent ReDoS (bsc#1183101, CVE-2021-25292)
  • Fix negative size read in TiffDecode.c (bsc#1183105, CVE-2021-25290)
  • Raise ValueError if color specifier is too long (bsc#1190229, CVE-2021-23437)
  • Incorrect error code checking in TiffDecode.c (bsc#1183103, CVE-2021-25289)
  • OOB Write in TiffDecode.c (bsc#1180833, CVE-2020-35654)

Список пакетов

openSUSE Leap 15.5
python3-Pillow-7.2.0-150300.3.15.1
python3-Pillow-tk-7.2.0-150300.3.15.1

Ссылки

Описание

In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode.

Затронутые продукты
openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.15.1
openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.15.1
Ссылки

Описание

The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function.

Затронутые продукты
openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.15.1
openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.15.1
Ссылки

Описание

An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654.

Затронутые продукты
openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.15.1
openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.15.1
Ссылки

Описание

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size.

Затронутые продукты
openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.15.1
openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.15.1
Ссылки

Описание

An issue was discovered in Pillow before 8.1.1. The PDF parser allows a regular expression DoS (ReDoS) attack via a crafted PDF file because of a catastrophic backtracking regex.

Затронутые продукты
openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.15.1
openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.15.1
Ссылки

Описание

An issue was discovered in Pillow before 8.1.1. There is an out-of-bounds read in SGIRleDecode.c.

Затронутые продукты
openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.15.1
openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.15.1
Ссылки

Описание

Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for a BLP container, and thus an attempted memory allocation can be very large.

Затронутые продукты
openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.15.1
openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.15.1
Ссылки

Описание

Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICNS container, and thus an attempted memory allocation can be very large.

Затронутые продукты
openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.15.1
openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.15.1
Ссылки

Описание

Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICO container, and thus an attempted memory allocation can be very large.

Затронутые продукты
openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.15.1
openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.15.1
Ссылки

Описание

Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.

Затронутые продукты
openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.15.1
openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.15.1
Ссылки

Описание

path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.

Затронутые продукты
openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.15.1
openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.15.1
Ссылки

Описание

path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.

Затронутые продукты
openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.15.1
openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.15.1
Ссылки