[Git][security-tracker-team/security-tracker][master] Add CVE-2021-34552/pillow

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Jul 14 16:19:40 BST 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2df42859 by Salvatore Bonaccorso at 2021-07-14T17:19:28+02:00
Add CVE-2021-34552/pillow

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4854,7 +4854,8 @@ CVE-2021-34554
 CVE-2021-34553 (Sonatype Nexus Repository Manager 3.x before 3.31.0 allows a remote au ...)
 	NOT-FOR-US: Sonatype Nexus Repository Manager
 CVE-2021-34552 (Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1. ...)
-	TODO: check
+	- pillow <unfixed>
+	NOTE: https://pillow.readthedocs.io/en/stable/releasenotes/8.3.0.html#buffer-overflow
 CVE-2021-34551 (PHPMailer before 6.5.0 on Windows allows remote code execution if lang ...)
 	- libphp-phpmailer <not-affected> (Windows-specific)
 CVE-2021-34550 (An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-006. The ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2df42859bbe43067e7ab6109472bcc92901c5f3c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2df42859bbe43067e7ab6109472bcc92901c5f3c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210714/069c6273/attachment.htm>


More information about the debian-security-tracker-commits mailing list