USN-3229-1: Python Imaging Library vulnerabilities<\/p>\n
13th March, 2017<\/em><\/p>\n A security issue affects these releases of Ubuntu and its Several security issues were fixed in the Python Imaging Library.\n<\/p>\n It was discovered that the Python Imaging Library incorrectly handled Cris Neckar discovered that the Python Imaging Library incorrectly handled Cris Neckar discovered that the Python Imaging Library incorrectly handled The problem can be corrected by updating your system to the following To update your system, please follow these instructions: In general, a standard system update will make all the necessary changes.<\/p>\n CVE-2014-9601<\/a>, <\/p>\n CVE-2016-9189<\/a>, <\/p>\n CVE-2016-9190<\/a><\/p>\n Source: USN-3229-1: Python Imaging Library vulnerabilities<\/a><\/p>\n","protected":false},"excerpt":{"rendered":" USN-3229-1: Python Imaging Library vulnerabilities Ubuntu Security Notice USN-3229-1 13th March, 2017 python-imaging vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in the Python Imaging Library. Software description python-imaging – Python Imaging Library Details It was discovered that the Python Imaging Library incorrectly handledcertain compressed text chunks in PNG images. A remote attacker couldpossibly use this issue to cause the Python Imaging Library to crash,resulting in a denial of service. (CVE-2014-9601) Cris Neckar discovered that the Python Imaging Library incorrectly handledcertain malformed images. A remote attacker could use this issue to causethe Python Imaging Library to crash, resulting in a denial of service, orpossibly obtain sensitive information. (CVE-2016-9189) Cris Neckar discovered that the Python Imaging Library incorrectly handledcertain malformed images. A remote attacker could use this issue [ more… ]<\/a><\/p>\n<\/div>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[586],"tags":[587],"class_list":["post-14660","post","type-post","status-publish","format-standard","hentry","category-ubuntu-usn","tag-ubuntu-usn"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/14660","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/comments?post=14660"}],"version-history":[{"count":1,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/14660\/revisions"}],"predecessor-version":[{"id":14661,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/14660\/revisions\/14661"}],"wp:attachment":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/media?parent=14660"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/categories?post=14660"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/tags?post=14660"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}python-imaging vulnerabilities<\/h3>\n
\n derivatives:<\/p>\n\n
Summary<\/h3>\n
Software description<\/h3>\n
\n
\n – Python Imaging Library<\/p>\n<\/li>\n<\/ul>\nDetails<\/h3>\n
certain compressed text chunks in PNG images. A remote attacker could
possibly use this issue to cause the Python Imaging Library to crash,
resulting in a denial of service. (CVE-2014-9601<\/a>)<\/p>\n
certain malformed images. A remote attacker could use this issue to cause
the Python Imaging Library to crash, resulting in a denial of service, or
possibly obtain sensitive information. (CVE-2016-9189<\/a>)<\/p>\n
certain malformed images. A remote attacker could use this issue to cause
the Python Imaging Library to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2016-9190<\/a>)<\/p>\nUpdate instructions<\/h3>\n
\npackage version:<\/p>\n\n
\n
\n 1.1.7-4ubuntu0.12.04.3<\/a>
\n <\/span>\n <\/dd>\n<\/dl>\n
\nhttps:\/\/wiki.ubuntu.com\/Security\/Upgrades<\/a>.\n<\/p>\nReferences<\/h3>\n