{"id":"MGASA-2021-0389","summary":"Updated python-pillow packages fix security vulnerabilities","details":"Updated python-pillow packages fix security vulnerabilities:\n\nAn issue was discovered in Pillow before 8.2.0. There is an out-of-bounds\nread in J2kDecode, in j2ku_graya_la (CVE-2021-25287).\n\nAn issue was discovered in Pillow before 8.2.0. There is an out-of-bounds\nread in J2kDecode, in j2ku_gray_i (CVE-2021-25288).\n\nAn issue was discovered in Pillow before 8.2.0. PSDImagePlugin.PsdImageFile\nlacked a sanity check on the number of input layers relative to the size of\nthe data block. This could lead to a DoS on Image.open prior to Image.load\n(CVE-2021-28675).\n\nAn issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did\nnot properly check that the block advance was non-zero, potentially leading\nto an infinite loop on load (CVE-2021-28676).\n\nAn issue was discovered in Pillow before 8.2.0. For EPS data, the readline\nimplementation used in EPSImageFile has to deal with any combination of \\r\nand \\n as line endings. It used an accidentally quadratic method of\naccumulating lines while looking for a line ending. A malicious EPS file\ncould use this to perform a DoS of Pillow in the open phase, before an\nimage was accepted for opening (CVE-2021-28677).\n\nAn issue was discovered in Pillow before 8.2.0. For BLP data, BlpImagePlugin\ndid not properly check that reads (after jumping to file offsets) returned\ndata. This could lead to a DoS where the decoder could be run a large number\nof times on empty data (CVE-2021-28678).\n\nPillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7\nallow an attacker to pass controlled parameters directly into a convert\nfunction to trigger a buffer overflow in Convert.c (CVE-2021-34552).\n","modified":"2026-04-16T04:44:17.485213954Z","published":"2021-08-06T09:33:48Z","upstream":["CVE-2021-25287","CVE-2021-25288","CVE-2021-28675","CVE-2021-28676","CVE-2021-28677","CVE-2021-28678","CVE-2021-34552"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2021-0389.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=29002"}],"affected":[{"package":{"name":"python-pillow","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/python-pillow?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.1.2-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0389.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}