CVE-2014-3589
Published: 25 August 2014
PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted block size.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
pillow Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Released
(2.3.0-1ubuntu3.2)
|
|
| upstream |
Released
(2.5.3-1)
|
|
| utopic |
Ignored
(end of life)
|
|
| vivid |
Not vulnerable
(2.7.0-1)
|
|
| wily |
Not vulnerable
(2.7.0-1)
|
|
| xenial |
Not vulnerable
(2.7.0-1)
|
|
|
Patches: upstream: https://github.com/python-pillow/Pillow/commit/205e056f8f9b06ed7b925cf8aa0874bc4aaf8a7d |
||
|
python-imaging Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
| precise |
Released
(1.1.7-4ubuntu0.12.04.2)
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| utopic |
Does not exist
|
|
| vivid |
Does not exist
|
|
| wily |
Does not exist
|
|
| xenial |
Does not exist
|
|