FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Pillow -- multiple vulnerabilities

Affected packages
py27-pillow < 3.3.2
py33-pillow < 3.3.2
py34-pillow < 3.3.2
py35-pillow < 3.3.2

Details

VuXML ID bc4898d5-a794-11e6-b2d3-60a44ce6887b
Discovery 2016-09-06
Entry 2016-12-04

Pillow reports:

Pillow prior to 3.3.2 may experience integer overflow errors in map.c when reading specially crafted image files. This may lead to memory disclosure or corruption.

Pillow prior to 3.3.2 and PIL 1.1.7 (at least) do not check for negative image sizes in ImagingNew in Storage.c. A negative image size can lead to a smaller allocation than expected, leading to arbitrary writes.
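The two defects quoted above share one root cause: an allocation size derived from attacker-controlled image dimensions without a sign or overflow check. The following C program is an added illustration, not Pillow's code and not taken from map.c or Storage.c: naive_image_bytes is a hypothetical allocator-size routine that models the weak pattern (dimensions taken as plain ints, byte count computed with wrapping arithmetic), and checked_image_bytes is the hardened form a maintainer would want, rejecting non-positive dimensions and any product that does not fit in size_t. The dimensions used in main are constructed test values.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical weak size computation (not Pillow's code).
 * The dimensions come straight from the file header. Casting to
 * unsigned makes the wraparound well defined for the demo, but the
 * result is still wrong: a large image wraps to 0 bytes and a
 * negative dimension is reinterpreted as a huge unsigned value, so
 * the byte count bears no relation to the geometry the rest of the
 * decoder will assume. */
size_t naive_image_bytes(int xsize, int ysize, int pixelsize)
{
    unsigned int n = (unsigned int)xsize * (unsigned int)ysize
                   * (unsigned int)pixelsize;
    return (size_t)n;
}

/* Hardened form: refuse non-positive dimensions up front, then check
 * each multiplication against SIZE_MAX before performing it.
 * Returns 1 and stores the byte count in *out on success, 0 on reject. */
int checked_image_bytes(int xsize, int ysize, int pixelsize, size_t *out)
{
    if (xsize <= 0 || ysize <= 0 || pixelsize <= 0)
        return 0;                       /* negative or zero size: reject */

    size_t x = (size_t)xsize, y = (size_t)ysize, p = (size_t)pixelsize;
    if (x > SIZE_MAX / y)
        return 0;                       /* x * y would overflow */
    size_t pixels = x * y;
    if (pixels > SIZE_MAX / p)
        return 0;                       /* pixels * p would overflow */

    *out = pixels * p;
    return 1;
}

/* Allocate the pixel buffer only when the size survives the checks. */
unsigned char *alloc_image(int xsize, int ysize, int pixelsize)
{
    size_t bytes;
    if (!checked_image_bytes(xsize, ysize, pixelsize, &bytes))
        return NULL;
    return malloc(bytes);
}

int main(void)
{
    /* Constructed header values standing in for a crafted image file. */
    struct { int x, y, p; } cases[] = {
        { 640, 480, 4 },        /* sane RGBA image */
        { 65536, 65536, 1 },    /* product wraps to 0 in 32-bit arithmetic */
        { -1, -1, 4 },          /* negative sizes: naive count is 4 bytes */
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        size_t bytes;
        int ok = checked_image_bytes(cases[i].x, cases[i].y, cases[i].p, &bytes);
        printf("%6d x %6d x %d: naive=%zu checked=%s\n",
               cases[i].x, cases[i].y, cases[i].p,
               naive_image_bytes(cases[i].x, cases[i].y, cases[i].p),
               ok ? "accepted" : "rejected");
    }
    return 0;
}
```

The naive routine hands malloc a 0-byte request for the 65536 x 65536 case and a 4-byte request for the -1 x -1 case, so any later write that trusts the header dimensions lands outside the buffer; the checked routine rejects both before allocation and accepts only the 640 x 480 x 4 image (1228800 bytes).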

References

CVE Name CVE-2016-9189
CVE Name CVE-2016-9190
FreeBSD PR ports/214410
URL http://pillow.readthedocs.io/en/3.4.x/releasenotes/3.3.2.html
URL https://github.com/python-pillow/Pillow/issues/2105