Package: python-pil
Version: 2.2.1-3.1
Severity: important
Tags: security

PIL/JpegImagePlugin.py contains this code:

    def load_djpeg(self):

        # ALTERNATIVE: handle JPEGs via the IJG command line utilities

        import tempfile, os
        file = tempfile.mktemp()
        os.system("djpeg %s >%s" % (self.filename, file))

From the tempfile.mktemp() docstring: “This function is unsafe and should not be used. The file name refers to a file that did not exist at some point, but by the time you get around to creating it, someone else may have beaten you to the punch.”

There are other uses of tempfile.mktemp() in the PIL codebase. They are most likely insecure too, but I haven't checked.

--
Jakub Wilk
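For comparison, a hardened form of the temp-file handling in that call, as an added example rather than PIL's code: tempfile.mkstemp() creates the output file itself (O_CREAT|O_EXCL, mode 0600) and returns an open descriptor, which is handed directly to the child process as its stdout, so no name that "did not exist at some point" is ever used by path. The djpeg binary is replaced by a constructed stand-in (FAKE_DJPEG) so the example runs without the IJG tools installed; the function names are assumptions.

```python
import os
import stat
import subprocess
import sys
import tempfile

# Constructed stand-in for the IJG "djpeg" tool: writes a fake PPM header to
# stdout and ignores the filename argument, so the example runs offline.
FAKE_DJPEG = [sys.executable, "-c", "import sys; sys.stdout.write('P6 fake-ppm')"]


def mktemp_leaves_window():
    """Show the flaw in the original: mktemp() only hands back a name.
    Nothing exists at that path yet, so between this call and the later
    ">%s" redirection another local user can create or symlink it."""
    path = tempfile.mktemp()
    return not os.path.exists(path)


def decode_via_helper(filename, helper=("djpeg",)):
    """Hardened replacement for the os.system("djpeg %s >%s") pattern.

    mkstemp() creates the file with O_CREAT|O_EXCL and mode 0600 and returns
    an open descriptor, so there is no window in which another process can
    claim the path. The descriptor becomes the child's stdout and the command
    is an argv list, so neither a shell nor a path string is involved.
    Returns (decoded_bytes, permission_bits) so both can be checked."""
    fd, path = tempfile.mkstemp(prefix="pil-djpeg-", suffix=".ppm")
    try:
        with os.fdopen(fd, "wb") as out:
            subprocess.run(list(helper) + [filename], stdout=out, check=True)
        mode = stat.S_IMODE(os.stat(path).st_mode)
        with open(path, "rb") as f:
            return f.read(), mode
    finally:
        os.unlink(path)


if __name__ == "__main__":
    print("mktemp() leaves a race window:", mktemp_leaves_window())
    data, mode = decode_via_helper("input.jpg", helper=FAKE_DJPEG)
    print(data, oct(mode))
```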

