[ubuntu/resolute-updates] pillow 12.1.1-2ubuntu1.2 (Accepted)
Ubuntu Archive Autosync Bot
ubuntu-archive-autosync-bot at canonical.com
Mon Jun 8 14:19:26 UTC 2026
pillow (12.1.1-2ubuntu1.2) resolute-security; urgency=medium
* SECURITY UPDATE: integer overflow via large font advances
- debian/patches/CVE-2026-42308.patch: Use long for glyph position in
src/_imagingft.c.
- CVE-2026-42308
* SECURITY UPDATE: heap buffer overflow via recursive nested lists
- debian/patches/CVE-2026-42309.patch: Reject non-numeric elements inside
list coords in Tests/test_imagepath.py, src/path.c.
- CVE-2026-42309
* SECURITY UPDATE: DoS via malicious PDF
- debian/patches/CVE-2026-42310.patch: Raise an error if the trailer chain
loops back on itself in src/PIL/PdfParser.py.
- CVE-2026-42310
* SECURITY UPDATE: DoS or code exec via malicious PSD file
- debian/patches/CVE-2026-42311-pre1.patch: Simplify `setimage()` by always
passing extents in src/PIL/Image.py, src/decode.c, src/encode.c.
- debian/patches/CVE-2026-42311-pre2.patch: Simplify setimage() in
src/PIL/ImageFile.py.
- debian/patches/CVE-2026-42311-pre3.patch: Allow None extents in C setimage
in Tests/test_imagefile.py, src/decode.c, src/encode.c.
- debian/patches/CVE-2026-42311-1.patch: Avoid overflow by not adding
extents together in src/decode.c, src/encode.c.
- debian/patches/CVE-2026-42311-2.patch: Copy offset check from C into
Python in Tests/test_imagefile.py, src/PIL/ImageFile.py.
- CVE-2026-42311
Date: 2026-06-04 19:59:11.547823+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Autosync Bot <ubuntu-archive-autosync-bot at canonical.com>
https://launchpad.net/ubuntu/+source/pillow/12.1.1-2ubuntu1.2
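The CVE-2026-42310 entry above says the fix is to raise an error when the PDF trailer chain loops back on itself. The following is an added illustration of that check, written for this page; it is not Pillow's PdfParser code. The two-section file layout, the regexes, the `build_pdf` helper and the function names are assumptions made for the example, and the byte strings it parses are constructed inline rather than taken from any real test file.

```python
"""Loop-safe walk of a PDF trailer /Prev chain (added illustration, not Pillow's PdfParser)."""
import re


class PdfTrailerLoopError(ValueError):
    """Raised when the /Prev chain of trailer dictionaries revisits an offset."""


# Minimal patterns sufficient for the constructed files below; a real parser tokenises properly.
_XREF_KEYWORD = re.compile(rb"xref\b")
_TRAILER_DICT = re.compile(rb"trailer\s*<<(.*?)>>", re.S)
_PREV_ENTRY = re.compile(rb"/Prev\s+(\d+)")
_STARTXREF = re.compile(rb"startxref\s+(\d+)\s*%%EOF\s*\Z")


def parse_trailer_at(data: bytes, offset: int) -> dict:
    """Return {'prev': int or None} for the xref section that starts at `offset`."""
    if not 0 <= offset < len(data) or not _XREF_KEYWORD.match(data, offset):
        raise ValueError(f"no xref section at offset {offset}")
    m = _TRAILER_DICT.search(data, offset)
    if m is None:
        raise ValueError(f"xref section at {offset} has no trailer dictionary")
    prev = _PREV_ENTRY.search(m.group(1))
    return {"prev": int(prev.group(1)) if prev else None}


def walk_trailer_chain(data: bytes, max_depth: int = 64) -> list:
    """Follow startxref -> /Prev -> /Prev ... and return the offsets visited, newest first.

    Without the `seen` check, a file whose /Prev points at itself (or at an earlier
    trailer that points forward again) keeps the parser in this loop forever, which is
    the denial-of-service shape the changelog entry describes. `max_depth` also bounds
    a very long but acyclic chain (assumed limit, not a PDF-specified one).
    """
    m = _STARTXREF.search(data)
    if m is None:
        raise ValueError("missing startxref / %%EOF")
    offset = int(m.group(1))
    seen = set()
    chain = []
    while offset is not None:
        if offset in seen:
            raise PdfTrailerLoopError(f"trailer chain loops back to offset {offset}")
        if len(chain) >= max_depth:
            raise PdfTrailerLoopError(f"trailer chain longer than {max_depth} sections")
        seen.add(offset)
        chain.append(offset)
        offset = parse_trailer_at(data, offset)["prev"]
    return chain


def chain_is_looped(data: bytes) -> bool:
    """True if walking the trailer chain is rejected as a loop, False if it terminates."""
    try:
        walk_trailer_chain(data)
    except PdfTrailerLoopError:
        return True
    return False


def build_pdf(a_prev, b_prev):
    """Construct a two-section PDF skeleton (constructed data, not a real PDF).

    Section A is written first, section B second, and startxref points at B.
    `a_prev`/`b_prev` are None or 'a'/'b', naming which section that trailer's /Prev
    should reference. /Prev is zero-padded so section lengths do not depend on the value.
    Returns (data, offset_of_a, offset_of_b).
    """
    def section(prev):
        entry = b"" if prev is None else b" /Prev %010d" % prev
        return b"xref\n0 1\n0000000000 65535 f \ntrailer\n<< /Size 1" + entry + b" >>\n"

    head = b"%PDF-1.4\n"
    off_a = len(head)
    off_b = off_a + len(section(0 if a_prev else None))  # fixed width, value irrelevant
    targets = {"a": off_a, "b": off_b}
    section_a = section(targets[a_prev] if a_prev else None)
    section_b = section(targets[b_prev] if b_prev else None)
    data = head + section_a + section_b + b"startxref\n%d\n%%%%EOF\n" % off_b
    return data, off_a, off_b


if __name__ == "__main__":
    benign, a, b = build_pdf(None, "a")        # B -> A -> end
    print("benign chain:", walk_trailer_chain(benign), "expected", [b, a])
    self_loop, _, _ = build_pdf(None, "b")     # B -> B
    two_node, _, _ = build_pdf("b", "a")       # B -> A -> B
    print("self-loop rejected:", chain_is_looped(self_loop))
    print("two-node loop rejected:", chain_is_looped(two_node))
```

The `seen` set is the whole fix: a linear walk over an attacker-controlled offset chain must remember where it has been, because nothing in the file format stops a /Prev from pointing forward or at itself.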