CVE-2020-5313

Priority
Description
libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.
Assigned-to
leosilva
Notes
leosilvain trusty code affected is in libimaging/FileDecode.c.
Package
Upstream:released (7.0.0-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):released (2.3.0-1ubuntu3.4+esm1)
Ubuntu 16.04 LTS (Xenial Xerus):released (3.1.2-0ubuntu1.3)
Ubuntu 18.04 LTS (Bionic Beaver):released (5.1.0-1ubuntu0.2)
Ubuntu 19.10 (Eoan Ermine):released (6.1.0-1ubuntu0.2)
Ubuntu 20.04 (Focal Fossa):released (7.0.0-4)
Patches:
Upstream:https://github.com/python-pillow/Pillow/commit/a09acd0decd8a87ccce939d5ff65dab59e7d365b
More Information

Updated: 2020-02-07 13:15:36 UTC (commit 9668d5ee82105b27f4ad8ac6f53a5ff5f7a9dad0)