SUSE-SU-2024:1673-2

Published: 13 Jun 2024
Source: suse-cvrf

Description

Security update for python-Pillow

This update for python-Pillow fixes the following issues:

  • Fixed ImagePath.Path array handling (bsc#1194552, CVE-2022-22815, bsc#1194551, CVE-2022-22816)
  • Use snprintf instead of sprintf (bsc#1188574, CVE-2021-34552)
  • Fix memory DoS in Icns, Ico and Blp image plugins (bsc#1183110, CVE-2021-27921, bsc#1183108, CVE-2021-27922, bsc#1183107, CVE-2021-27923)
  • Fix OOB read in SgiRleDecode.c (bsc#1183102, CVE-2021-25293)
  • Use more specific regex chars to prevent ReDoS (bsc#1183101, CVE-2021-25292)
  • Fix negative size read in TiffDecode.c (bsc#1183105, CVE-2021-25290)
  • Raise ValueError if color specifier is too long (bsc#1190229, CVE-2021-23437)
  • Incorrect error code checking in TiffDecode.c (bsc#1183103, CVE-2021-25289)
  • OOB Write in TiffDecode.c (bsc#1180833, CVE-2020-35654)

Package list

SUSE Linux Enterprise Module for Package Hub 15 SP6
python3-Pillow-7.2.0-150300.3.15.1

Description

In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode.


Affected products
SUSE Linux Enterprise Module for Package Hub 15 SP6:python3-Pillow-7.2.0-150300.3.15.1

References

Description

The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function.


Affected products
SUSE Linux Enterprise Module for Package Hub 15 SP6:python3-Pillow-7.2.0-150300.3.15.1

References

Description

An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654.


Affected products
SUSE Linux Enterprise Module for Package Hub 15 SP6:python3-Pillow-7.2.0-150300.3.15.1

References

Description

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size.


Affected products
SUSE Linux Enterprise Module for Package Hub 15 SP6:python3-Pillow-7.2.0-150300.3.15.1

References

Description

An issue was discovered in Pillow before 8.1.1. The PDF parser allows a regular expression DoS (ReDoS) attack via a crafted PDF file because of a catastrophic backtracking regex.


Affected products
SUSE Linux Enterprise Module for Package Hub 15 SP6:python3-Pillow-7.2.0-150300.3.15.1

References

Description

An issue was discovered in Pillow before 8.1.1. There is an out-of-bounds read in SGIRleDecode.c.


Affected products
SUSE Linux Enterprise Module for Package Hub 15 SP6:python3-Pillow-7.2.0-150300.3.15.1

References

Description

Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for a BLP container, and thus an attempted memory allocation can be very large.


Affected products
SUSE Linux Enterprise Module for Package Hub 15 SP6:python3-Pillow-7.2.0-150300.3.15.1

References

Description

Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICNS container, and thus an attempted memory allocation can be very large.


Affected products
SUSE Linux Enterprise Module for Package Hub 15 SP6:python3-Pillow-7.2.0-150300.3.15.1

References

Description

Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICO container, and thus an attempted memory allocation can be very large.


Affected products
SUSE Linux Enterprise Module for Package Hub 15 SP6:python3-Pillow-7.2.0-150300.3.15.1

References

Description

Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.


Affected products
SUSE Linux Enterprise Module for Package Hub 15 SP6:python3-Pillow-7.2.0-150300.3.15.1

References

Description

path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.


Affected products
SUSE Linux Enterprise Module for Package Hub 15 SP6:python3-Pillow-7.2.0-150300.3.15.1

References

Description

path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.


Affected products
SUSE Linux Enterprise Module for Package Hub 15 SP6:python3-Pillow-7.2.0-150300.3.15.1

References
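The descriptions above each state an upstream Pillow version range ("before 8.1.0", "5.2.0 and before 8.3.2", "through 8.2.0", "before 9.0.0"). The following script is an added example, not part of the SUSE advisory or of Pillow: it encodes those ranges and reports which of the advisory's CVE ids cover a given upstream version string. The pairing of each description with a CVE id is this example's own reading of the fix list at the top of the advisory; the `AFFECTED` table, `parse_version` and `affected_cves` are names chosen here.

```python
"""Added example (not part of the advisory or of Pillow): check an upstream
Pillow version string against the affected ranges stated in the CVE
descriptions of SUSE-SU-2024:1673-2.
"""
import re

# Affected upstream ranges as worded in the descriptions above:
#   (lower bound inclusive or None, upper bound, upper bound inclusive?)
# The pairing of each description with a CVE id follows the fix list at the
# top of the advisory; it is this example's reading of that list.
AFFECTED = {
    "CVE-2020-35654": (None, "8.1.0", False),     # TiffDecode OOB write, "before 8.1.0"
    "CVE-2021-23437": ("5.2.0", "8.3.2", False),  # getrgb ReDoS, "5.2.0 and before 8.3.2"
    "CVE-2021-25289": (None, "8.1.1", False),     # TiffDecode, incomplete fix of 35654
    "CVE-2021-25290": (None, "8.1.1", False),     # TiffDecode negative-offset memcpy
    "CVE-2021-25292": (None, "8.1.1", False),     # PDF parser ReDoS
    "CVE-2021-25293": (None, "8.1.1", False),     # SGIRleDecode OOB read
    "CVE-2021-27921": (None, "8.1.1", False),     # BLP memory DoS
    "CVE-2021-27922": (None, "8.1.1", False),     # ICNS memory DoS
    "CVE-2021-27923": (None, "8.1.1", False),     # ICO memory DoS
    "CVE-2021-34552": (None, "8.2.0", True),      # Convert.c overflow, "through 8.2.0"
    "CVE-2022-22815": (None, "9.0.0", False),     # path_getbbox improper init
    "CVE-2022-22816": (None, "9.0.0", False),     # path_getbbox buffer over-read
}

_VERSION_RE = re.compile(r"^\s*(\d+(?:\.\d+)*)")


def parse_version(text):
    """Return the numeric dotted prefix of a version string as a tuple of ints.

    '8.1.1' -> (8, 1, 1); '10.0.0rc1' -> (10, 0, 0).  Tuples compare
    numerically, so 10.x sorts after 9.x (a plain string compare would not).
    """
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"not a version string: {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def is_affected(version, lower, upper, upper_inclusive):
    """True if `version` lies inside the stated range."""
    v = parse_version(version)
    if lower is not None and v < parse_version(lower):
        return False
    u = parse_version(upper)
    return v <= u if upper_inclusive else v < u


def affected_cves(version):
    """CVE ids from this advisory whose stated upstream range contains `version`."""
    return [cve for cve, (lo, hi, inc) in AFFECTED.items()
            if is_affected(version, lo, hi, inc)]


def installed_pillow_version():
    """Upstream version string of the importable Pillow, or None if absent."""
    try:
        import PIL
    except ImportError:
        return None
    return PIL.__version__


if __name__ == "__main__":
    ver = installed_pillow_version()
    if ver is None:
        print("Pillow is not importable in this interpreter")
    else:
        hits = affected_cves(ver)
        print(f"Pillow {ver}: {len(hits)} advisory range(s) match: "
              f"{', '.join(hits) or 'none'}")
```

This comparison is meaningful only for an upstream (for example pip-installed) Pillow. The SUSE package named above is 7.2.0 with the fixes backported, so on that package the upstream version string would match every range; there, check that the installed package release is 150300.3.15.1 or later (for example with `rpm -q python3-Pillow`) instead.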