Security update for python-Pillow SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2020:2057-1 Final 1 1 2020-07-27T20:26:47Z current 2020-07-27T20:26:47Z 2020-07-27T20:26:47Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for python-Pillow This update for python-Pillow fixes the following issues: - Add 0019-FLI-overflow-error-fix-and-testcase.patch * Fixes CVE-2016-0775, bsc#965582 - Add 0020-Fix-OOB-reads-in-FLI-decoding.patch * Fixes CVE-2020-10177, bsc#1173413 - Add 0021-Fix-bounds-overflow-in-JPEG-2000-decoding.patch * Fixes CVE-2020-10994, bsc#1173418 - Add 0022-Fix-bounds-overflow-in-PCX-decoding.patch * Fixes CVE-2020-10378, bsc#1173416 - Add 0008-Corrected-negative-seeks.patch * Fixes part of CVE-2019-16865, bsc#1153191 - Add 0009-Make-Image.crop-an-immediate-operation.patch * Fixes https://github.com/python-pillow/Pillow/issues/1077 * Used by 0012-Added-decompression-bomb-checks.patch - Add 0010-Crop-decompression.patch * Used by 0012-Added-decompression-bomb-checks.patch - Add 0011-Added-DecompressionBombError.patch * Used by 0012-Added-decompression-bomb-checks.patch - Add 0012-Added-decompression-bomb-checks.patch * Fixes part of CVE-2019-16865, bsc#1153191 - Add 0013-Raise-error-if-dimension-is-a-string.patch * Fixes part of CVE-2019-16865, bsc#1153191 - Add 0014-Catch-buffer-overruns.patch * Fixes part of CVE-2019-16865, bsc#1153191 - Add 0015-Catch-PCX-P-mode-buffer-overrun.patch * Fixes CVE-2020-5312, bsc#1160152 - Add 0016-Ensure-previous-FLI-frame-is-loaded.patch * Fixes https://github.com/python-pillow/Pillow/issues/2649 * Uncovers CVE-2020-5313, bsc#1160153 - Add 0017-Catch-FLI-buffer-overrun.patch * Fixes CVE-2020-5313, bsc#1160153 - Add 018-Invalid-number-of-bands-in-FPX-image.patch * Fixes CVE-2019-19911, bsc#1160192 The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2020-2057,SUSE-Storage-5-2020-2057 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2020/suse-su-20202057-1/ Link for SUSE-SU-2020:2057-1 https://lists.suse.com/pipermail/sle-security-updates/2020-July/007188.html E-Mail link for SUSE-SU-2020:2057-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1153191 SUSE Bug 1153191 https://bugzilla.suse.com/1160152 SUSE Bug 1160152 https://bugzilla.suse.com/1160153 SUSE Bug 1160153 https://bugzilla.suse.com/1160192 SUSE Bug 1160192 https://bugzilla.suse.com/1173413 SUSE Bug 1173413 https://bugzilla.suse.com/1173416 SUSE Bug 1173416 https://bugzilla.suse.com/1173418 SUSE Bug 1173418 https://bugzilla.suse.com/965582 SUSE Bug 965582 https://www.suse.com/security/cve/CVE-2016-0775/ SUSE CVE CVE-2016-0775 page https://www.suse.com/security/cve/CVE-2019-16865/ SUSE CVE CVE-2019-16865 page https://www.suse.com/security/cve/CVE-2019-19911/ SUSE CVE CVE-2019-19911 page https://www.suse.com/security/cve/CVE-2020-10177/ SUSE CVE CVE-2020-10177 page https://www.suse.com/security/cve/CVE-2020-10378/ SUSE CVE CVE-2020-10378 page https://www.suse.com/security/cve/CVE-2020-10994/ SUSE CVE CVE-2020-10994 page https://www.suse.com/security/cve/CVE-2020-5312/ SUSE CVE CVE-2020-5312 page https://www.suse.com/security/cve/CVE-2020-5313/ SUSE CVE CVE-2020-5313 page SUSE Enterprise Storage 5 python-Pillow-2.8.1-3.9.1 python-Pillow-tk-2.8.1-3.9.1 python-Pillow-2.8.1-3.9.1 as a component of SUSE Enterprise Storage 5 Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote attackers to cause a denial of service (crash) via a crafted FLI file. CVE-2016-0775 SUSE Enterprise Storage 5:python-Pillow-2.8.1-3.9.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2020/suse-su-20202057-1/ https://www.suse.com/security/cve/CVE-2016-0775.html CVE-2016-0775 https://bugzilla.suse.com/965579 SUSE Bug 965579 https://bugzilla.suse.com/965582 SUSE Bug 965582 An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image. CVE-2019-16865 SUSE Enterprise Storage 5:python-Pillow-2.8.1-3.9.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2020/suse-su-20202057-1/ https://www.suse.com/security/cve/CVE-2019-16865.html CVE-2019-16865 https://bugzilla.suse.com/1153191 SUSE Bug 1153191 There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the number of bands is large. On Windows running 32-bit Python, this results in an OverflowError or MemoryError due to the 2 GB limit. However, on Linux running 64-bit Python this results in the process being terminated by the OOM killer. CVE-2019-19911 SUSE Enterprise Storage 5:python-Pillow-2.8.1-3.9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2020/suse-su-20202057-1/ https://www.suse.com/security/cve/CVE-2019-19911.html CVE-2019-19911 https://bugzilla.suse.com/1160192 SUSE Bug 1160192 Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c. CVE-2020-10177 SUSE Enterprise Storage 5:python-Pillow-2.8.1-3.9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2020/suse-su-20202057-1/ https://www.suse.com/security/cve/CVE-2020-10177.html CVE-2020-10177 https://bugzilla.suse.com/1173413 SUSE Bug 1173413 In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state->shuffle is instructed to read beyond state->buffer. CVE-2020-10378 SUSE Enterprise Storage 5:python-Pillow-2.8.1-3.9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2020/suse-su-20202057-1/ https://www.suse.com/security/cve/CVE-2020-10378.html CVE-2020-10378 https://bugzilla.suse.com/1161670 SUSE Bug 1161670 https://bugzilla.suse.com/1173416 SUSE Bug 1173416 In libImaging/Jpeg2KDecode.c in Pillow before 7.1.0, there are multiple out-of-bounds reads via a crafted JP2 file. CVE-2020-10994 SUSE Enterprise Storage 5:python-Pillow-2.8.1-3.9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2020/suse-su-20202057-1/ https://www.suse.com/security/cve/CVE-2020-10994.html CVE-2020-10994 https://bugzilla.suse.com/1173418 SUSE Bug 1173418 libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow. CVE-2020-5312 SUSE Enterprise Storage 5:python-Pillow-2.8.1-3.9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2020/suse-su-20202057-1/ https://www.suse.com/security/cve/CVE-2020-5312.html CVE-2020-5312 https://bugzilla.suse.com/1160152 SUSE Bug 1160152 libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow. CVE-2020-5313 SUSE Enterprise Storage 5:python-Pillow-2.8.1-3.9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2020/suse-su-20202057-1/ https://www.suse.com/security/cve/CVE-2020-5313.html CVE-2020-5313 https://bugzilla.suse.com/1160153 SUSE Bug 1160153