139 matches found
DLA-422-1 python-imaging - security update
Bulletin has no description...
Mandriva Linux Security Advisory : python-pillow (MDVSA-2015:099)
Updated python-imaging packages fix security vulnerabilities : Jakub Wilk discovered that temporary files were insecurely created via mktemp in the IptcImagePlugin.py, Image.py, JpegImagePlugin.py, and EpsImagePlugin.py files of Python Imaging Library. A local attacker could use this flaw to...
Debian DLA-41-1 : python-imaging security update
Andrew Drake discovered that missing input sanitising in the icns decoder of the Python Imaging Library could result in denial of service if a malformed image is processed. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenabl...
Oracle Solaris Third-Party Patch Update : py_pil (cve_2014_3589_input_validation)
The remote Solaris system is missing necessary patches to address security updates : - PIL/IcnsImagePlugin.py in Python Imaging Library PIL and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted block size. CVE-2014-3589 %NASLMINLEVEL 703...
MGASA-2014-0476 Updated python-imaging and python-pillow packages fix security vulnerability
Python Image Library PIL 1.1.7 and earlier and Pillow 2.3 might allow remote attackers to execute arbitrary commands via shell metacharacters, due to an incomplete fix for CVE-2014-1932 CVE-2014-3007...
Mandriva Linux Security Advisory : python-imaging (MDVSA-2014:163)
Updated python-imaging packages fix security vulnerability : The Python Imaging Library is vulnerable to a denial of service attack in the IcnsImagePlugin CVE-2014-3589. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
[SECURITY] [DSA 3009-1] python-imaging security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3009-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 21, 2014 http://www.debian.org/security/faq -...
CVE-2014-3589
PIL/IcnsImagePlugin.py in Python Imaging Library PIL and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted block size...
PYSEC-2014-10
PIL/IcnsImagePlugin.py in Python Imaging Library PIL and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted block size...
Code injection
PIL/IcnsImagePlugin.py in Python Imaging Library PIL and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted block size...
CVE-2014-3589
CVE-2014-3589 affects PIL/Pillow’s IcnsImagePlugin.py: Pillow and PIL before 2.3.2 and 2.5.x before 2.5.2 are vulnerable to a denial-of-service via a crafted block size. The root cause is an issue in image handling that allows remote attackers to trigger resource exhaustion. Affected products inc...
CVE-2014-3589
PIL/IcnsImagePlugin.py in Python Imaging Library PIL and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted block size...
CVE-2014-3589
PIL/IcnsImagePlugin.py in Python Imaging Library PIL and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted block size...
[DLA 41-1] python-imaging security update
Package : python-imaging Version : 1.1.7-2+deb6u1 CVE ID : CVE-2014-3589 Andrew Drake discovered that missing input sanitising in the icns decoder of the Python Imaging Library could result in denial of service if a malformed image is processed...
DLA-41-1 python-imaging - security update
Bulletin has no description...
Debian DSA-3009-1 : python-imaging - security update
Andrew Drake discovered that missing input sanitising in the icns decoder of the Python Imaging Library could result in denial of service if a malformed image is processed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
[SECURITY] [DSA 3009-1] python-imaging security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3009-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 21, 2014 http://www.debian.org/security/faq -...
MGASA-2014-0343 Updated python-imaging & python-pillow packages fix CVE-2014-3589
Updated python-imaging and python-pillow packages fix security vulnerabilities: The Python Imaging Library is vulnerable to a denial of service attack in the IcnsImagePlugin CVE-2014-3589...
Debian Security Advisory DSA 3009-1 (python-imaging - security update)
Andrew Drake discovered that missing input sanitising in the icns decoder of the Python Imaging Library could result in denial of service if a malformed image is processed. OpenVAS Vulnerability Test $Id: deb3009.nasl 6769 2017-07-20 09:56:33Z teissa $ Auto-generated from advisory DSA 3009-1 usin...
DSA-3009-1 python-imaging - security update
Bulletin has no description...