Debian Linux Distribution

Find the information you need for your favorite open source distribution .

=========================================================================Ubuntu Security Notice USN-3229-1
March 13, 2017

python-imaging vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in the Python Imaging Library.

Software Description:
- python-imaging: Python Imaging Library

Details:

It was discovered that the Python Imaging Library incorrectly handled
certain compressed text chunks in PNG images. A remote attacker could
possibly use this issue to cause the Python Imaging Library to crash,
resulting in a denial of service. (CVE-2014-9601)

Cris Neckar discovered that the Python Imaging Library incorrectly handled
certain malformed images. A remote attacker could use this issue to cause
the Python Imaging Library to crash, resulting in a denial of service, or
possibly obtain sensitive information. (CVE-2016-9189)

Cris Neckar discovered that the Python Imaging Library incorrectly handled
certain malformed images. A remote attacker could use this issue to cause
the Python Imaging Library to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2016-9190)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
  python-imaging                  1.1.7-4ubuntu0.12.04.3

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-3229-1
  CVE-2014-9601, CVE-2016-9189, CVE-2016-9190

Package Information:
  https://launchpad.net/ubuntu/+source/python-imaging/1.1.7-4ubuntu0.12.04.3


Ubuntu 3229-1: Python Imaging Library vulnerabilities

March 13, 2017
Several security issues were fixed in the Python Imaging Library.

Summary

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 LTS: python-imaging 1.1.7-4ubuntu0.12.04.3 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-3229-1

CVE-2014-9601, CVE-2016-9189, CVE-2016-9190

Severity
March 13, 2017

Package Information

https://launchpad.net/ubuntu/+source/python-imaging/1.1.7-4ubuntu0.12.04.3

Related News