Toolkit for running MXNet training scripts on SageMaker. Dockerfiles used for building SageMaker MXNet Containers are at https://github.com/aws/deep-learning-containers.
Apache License 2.0
upgrade pillow etc. to fix safety issues in 1.6.0 dockerfiles #163
-> pillow, installed 6.2.0, affected <6.2.2, id 37782
libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow. See: CVE-2020-5313.
--
-> pillow, installed 6.2.0, affected <6.2.2, id 37781
libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow. See:CVE-2020-5312.
--
-> pillow, installed 6.2.0, affected <6.2.2, id 37780
libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow. See: CVE-2020-5311.
--
-> pillow, installed 6.2.0, affected <6.2.2, id 37779
libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc. See: CVE-2020-5310.
--
-> pillow, installed 6.2.0, affected >6.0,<6.2.2, id 37772
There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the number of bands is large. On Windows running 32-bit Python, this results in an OverflowError or MemoryError due to the 2 GB limit. However, on Linux running 64-bit Python this results in the process being terminated by the OOM killer. See: CVE-2019-19911.
Issue #, if available: Safety issue
Description of changes: Upgrade Pillow to latest version for py2 and py3 correspondingly
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.