drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in Pillow
Name: |
Zwei Probleme in Pillow |
|
ID: |
DSA-3710-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian sid, Debian jessie, Debian stretch |
|
Datum: |
Fr, 11. November 2016, 06:14 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9190
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9189 |
|
Applikationen: |
Pillow |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
- ------------------------------------------------------------------------- Debian Security Advisory DSA-3710-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff November 10, 2016 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : pillow CVE ID : CVE-2016-9189 CVE-2016-9190
Cris Neckar discovered multiple vulnerabilities in Pillow, a Python imaging library, which may result in the execution of arbitrary code or information disclosure if a malformed image file is processed.
For the stable distribution (jessie), these problems have been fixed in version 2.6.1-2+deb8u3.
For the testing distribution (stretch), these problems have been fixed in version 3.4.2-1.
For the unstable distribution (sid), these problems have been fixed in version 3.4.2-1.
We recommend that you upgrade your pillow packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIcBAEBCAAGBQJYJPAgAAoJEBDCk7bDfE421K8QAIMule3HpGCBoZzgr4q/klhm 2PVJsVojEZmThAoi+3ag2U/+tCVuCQygpCo7GEvffpYKk8a1JNbPAOrVR1DeExzO dD6H9W3K11rMxn298yESNxqHdME/h3IC7iqeGnL1ZWMi8/YnAofzt+DnoOF+iHLQ uK238iUSe5cPvL3K46G6vHIQc44bW7vhlLV6xKRw8VgkDD9+kq2rv+gxEqmMUV50 kX0Q/Vul1qUopbr8OhUsKTf8XvYlSx6vajw/Rgfg0BsBb1S4a/JIAfbX0CecpgSm Be4oHyaN1N41ZYfkZSK9ehRaQOkWEKL90hDTwUgswY9xV2n6vZD3sZZTz5TLi9sz TB8Segnty6SWjPDZU/ox/GyePujK7OfKf0/SY5FaLuL73D6LpHSAXm15mvX4BMQ2 mxA7LWgits+M6vHA242Un43lBFnprKPvT2cw9Rv01s9wj8NAa1o049fLkNe16Kl7 Zv4wXIFrDMT9wlGPfoG3dILLLoKEiyQZbLbEZMsv+o7n4E+QyFKruaQdLKtdDd9T kh287vjoEDZgWTEdfV/9rLtqDcLT7mn20wWKf6kKLrNKSenguEiR1LmxL4s9uSSn dO994c0VO+9B9gjA7lr2PyPQ29EhjhkqSOnHdv57l9G+THWV+gRPtyC1crAH4g8A WL8qz/c75BNGap0x0Gv7 =N5cx -----END PGP SIGNATURE-----
|
|
|
|