Ubuntu 12.04 LTS : python-imaging vulnerabilities (USN-3080-1)
Medium Nessus Plugin ID 93559
SynopsisThe remote Ubuntu host is missing a security-related patch.
DescriptionEric Soroos discovered that the Python Imaging Library incorrectly handled certain malformed FLI or PhotoCD files. A remote attacker could use this issue to cause Python Imaging Library to crash, resulting in a denial of service. (CVE-2016-0775, CVE-2016-2533)
Andrew Drake discovered that the Python Imaging Libray incorrectly validated input. A remote attacker could use this to cause Python Imaging Library to crash, resulting in a denial of service.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected python-imaging package.