drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in Python
Name: |
Mehrere Probleme in Python |
|
ID: |
USN-3229-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 LTS |
|
Datum: |
Di, 14. März 2017, 07:31 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9189
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9601
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9190 |
|
Applikationen: |
Python |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============3142290581900795755== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="Xo0AEULBSEtIUpv0qLsQAgbuejPfhGW0Q"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --Xo0AEULBSEtIUpv0qLsQAgbuejPfhGW0Q Content-Type: multipart/mixed; boundary="uaEtDHDUcvfEE270hj378DsCODbptl1xd" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: "ubuntu-security-announce@lists.ubuntu.com" <ubuntu-security-announce@lists.ubuntu.com> Message-ID: <9b4357a8-dd41-761f-7d0a-4ec4ae4fad6e@canonical.com> Subject: [USN-3229-1] Python Imaging Library vulnerabilities
--uaEtDHDUcvfEE270hj378DsCODbptl1xd Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3229-1 March 13, 2017
python-imaging vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in the Python Imaging Library.
Software Description: - python-imaging: Python Imaging Library
Details:
It was discovered that the Python Imaging Library incorrectly handled certain compressed text chunks in PNG images. A remote attacker could possibly use this issue to cause the Python Imaging Library to crash, resulting in a denial of service. (CVE-2014-9601)
Cris Neckar discovered that the Python Imaging Library incorrectly handled certain malformed images. A remote attacker could use this issue to cause the Python Imaging Library to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2016-9189)
Cris Neckar discovered that the Python Imaging Library incorrectly handled certain malformed images. A remote attacker could use this issue to cause the Python Imaging Library to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-9190)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: python-imaging 1.1.7-4ubuntu0.12.04.3
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-3229-1 CVE-2014-9601, CVE-2016-9189, CVE-2016-9190
Package Information: https://launchpad.net/ubuntu/+source/python-imaging/1.1.7-4ubuntu0.12.04.3
--uaEtDHDUcvfEE270hj378DsCODbptl1xd--
--Xo0AEULBSEtIUpv0qLsQAgbuejPfhGW0Q Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAEBCgAGBQJYxt0YAAoJEGVp2FWnRL6Tz9cP/RyBkJE0QQaHFIv4zEu2e5Md 6z7NVx4BIXDigThxcg3g1H4JfhMcEZzSGqHqwyRZTedXNenNL6vwq/ynGDxzHHaf Hk/J2MvYn5SFjxrCBi2Hcg/T+ij+9532LdrmugTcqkIPQQYnn15OeP+2lT9h+dnB 2KTPq/cNeH+ozDJOWfh7shi3Hp/vBGuQx2XvBcXgr9cY+yLYaM9Z5YRdtCEB6RYP og6WMXEhBA4hCOuUrJ/P3ZIW0nNGFsj9EdEwiwa35yW7TDcamplwC6e8z1opLWNj t7+KsmBkWJXhTKITq1din8+Du300tCLY/X7sC5ltGirFsJhKXxqh+ykksDu6zntM j4eaRFtgZM/c4iGcGCRePQBWvK8FwqBjCYL9cwQbXox8rLUGQfupOjYuv/WufMEM 7gngMraNURtzymP18jdILqgUuQzKCMuL2nAzDWwPAXUBoTtkrFdv9NUXlNYq94Cf YNYzGqTiSlSlVnIDuCsIIzOKt3rHJyUoFusALrB+SDfSBDlAB+MtDwGcQ3pGRrCN 81Ogk3xw+A/TIleGm/ux7KoRyultQ28CEdqY02H1JIL61LABNCJM2HLhhYMcAE8+ /3yKKlWei7kxuNJLlz8BPrZnsl5/lyWUaHXb8hvR+HiGMz/ODcseXjpmQbxXzhbE aTff+41IUYQt7Nsk6nYC =RzxO -----END PGP SIGNATURE-----
--Xo0AEULBSEtIUpv0qLsQAgbuejPfhGW0Q--
--===============3142290581900795755== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============3142290581900795755==--
|
|
|
|