CVE-2014-1932

Name	CVE-2014-1932
Description	The (1) load_djpeg function in JpegImagePlugin.py, (2) Ghostscript function in EpsImagePlugin.py, (3) load function in IptcImagePlugin.py, and (4) _copy function in Image.py in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 do not properly create temporary files, which allow local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on the temporary file.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs	737059

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
pillow (PTS)	jessie, jessie (lts)	2.6.1-2+deb8u10	fixed
	stretch (security)	4.0.0-4+deb9u4	fixed
	stretch (lts), stretch	4.0.0-4+deb9u6	fixed
	buster (security), buster, buster (lts)	5.4.1-2+deb10u6	fixed
	bullseye (security), bullseye	8.1.2+dfsg-0.3+deb11u2	fixed
	bookworm (security), bookworm	9.4.0-1.1+deb12u1	fixed
	sid, trixie	10.4.0-1	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
pillow	source	(unstable)	2.4.0-1	low		737059
python-imaging	source	(unstable)	(unfixed)

[squeeze] - python-imaging <no-dsa> (Minor issue)
[wheezy] - python-imaging <no-dsa> (Minor issue)