According to the Red Hat summary:
It was found that in storage.c, the image size is not checked for negative values. This can lead to a null pointer dereference in 3.3.x, or a dereference of junk memory prior to that.
We have pinged the Python team in other Pillow bugs so I am calling for stable due to timeout.
@arches, please stabilize:
Stable for HPPA PPC64.
I revbumped pillow-3.4.2 to resolve a file collision (bug 600694).
Remaining archs should proceed with dev-python/pillow-3.4.2-r1 instead.
Maintainer(s), please clean up.
*** Bug 596356 has been marked as a duplicate of this bug. ***
This issue was resolved and addressed in
GLSA 201612-52 at https://security.gentoo.org/glsa/201612-52
by GLSA coordinator Thomas Deutschmann (whissi).
Re-opening for cleanup.
@ Maintainer(s): Please either drop <dev-python/pillow-3.4.2-r1 or apply package masks indicating a security problem.