1. Forum
  2. FidoNet
  3. SECURITY

  • Ubuntu Security Notice USN-5227-3

    From Security Bot@2:250/1 to All on Sun Nov 6 16:22:00 2022


    Ubuntu Security Notice USN-5227-3

    Ubuntu Security Notice 5227-3 - USN-5227-1 fixed vulnerabilities in
    Pillow. It was discovered that the fix for CVE-2022-22817 was incomplete.
    This update fixes the problem. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked
    into opening a specially-crafted file, a remote attacker could cause
    Pillow to hang, resulting in a denial of service. It was discovered that
    Pillow incorrectly handled certain image files. If a user or automated
    system were tricked into opening a specially-crafted file, a remote
    attacker could cause Pillow to crash, resulting in a denial of service.
    This issue ony affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu
    21.04. It was discovered that Pillow incorrectly handled certain image
    files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code. It
    was discovered that Pillow incorrectly handled certain image files. If a
    user or automated system were tricked into opening a specially-crafted
    file, a remote attacker could cause Pillow to crash, resulting in a denial
    of service. It was discovered that Pillow incorrectly handled certain
    image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code.

    https://packetstormsecurity.com/files/169490/USN-5227-3.txt

    Tue, 25 Oct 2022 12:58:32 GMT
    ________________________________
    --- The information is for inforamtional purposes only.
    * Origin: Read us with http://winpoint.org JID: rs@captflint.com