A pillow regression update has been released for Debian GNU/Linux 8 Extended LTS to address a regression introduced by the previous update.
ELA-546-2 pillow regression update
Package : pillow
ELA-546-2 pillow regression update
Version : 2.6.1-2+deb8u8 (jessie)
Related CVEs :
CVE-2021-28675
The patch to address CVE-2021-28675 in Pillow 2.6.1-2+deb8u7 raised OSError exceptions when processing truncated files. This version has been updated to raise IOError exceptions instead, which makes Pillow itself handle the error, making it more transparent to users.