Debian Security Advisory
DLA-422-1 python-imaging -- LTS security update
- Date Reported:
- 21 Feb 2016
- Affected Packages:
- python-imaging
- Vulnerable:
- Yes
- Security database references:
- In the Debian bugtracking system: Bug 813909.
In Mitre's CVE dictionary: CVE-2016-0775.
- More information:
Two buffer overflows were discovered in python-imaging, a Python library for loading and manipulating image files, which may lead to the execution of arbitrary code.
- CVE-2016-0775
Buffer overflow in FliDecode.c
The second buffer overflow was in PcdDecode.c. A CVE identifier has not been assigned yet.
For Debian 6 Squeeze, these problems have been fixed in version 1.1.7-2+deb6u2.
We recommend that you upgrade your python-imaging packages.
