projects / buildroot.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a052ecb)
package/python-pillow: security bump to version 8.3.2
authorFabrice Fontaine <fontaine.fabrice@gmail.com>
Mon, 13 Sep 2021 20:51:31 +0000 (22:51 +0200)
committerPeter Korsgaard <peter@korsgaard.com>
Tue, 14 Sep 2021 06:12:12 +0000 (08:12 +0200)
- Fix CVE-2021-23437 Raise ValueError if color specifier is too long
- Fix 6-byte OOB read in FliDecode
- Update indentation in hash file (two spaces)

https://github.com/python-pillow/Pillow/releases/tag/8.3.2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/python-pillow/python-pillow.hash patch | blob | history
package/python-pillow/python-pillow.mk patch | blob | history

diff --git a/package/python-pillow/python-pillow.hash b/package/python-pillow/python-pillow.hash
index fb1ec53a0011e1699ecfc6eb364eb7eb7d0fabac..3b5bdf2535a5f1b1a3658b2966241d9048cbbf96 100644 (file)
--- a/package/python-pillow/python-pillow.hash
+++ b/package/python-pillow/python-pillow.hash
@@ -1,5 +1,6 @@
 # md5, sha256 from https://pypi.org/pypi/pillow/json
-md5  e42fc66e41b5309436a573af49cec47c  Pillow-8.3.1.tar.gz
-sha256 2cac53839bfc5cece8fdbe7f084d5e3ee61e1303cccc86511d351adcb9e2c792  Pillow-8.3.1.tar.gz
+md5  a7fc550b80819eab11e01cc097913700  Pillow-8.3.2.tar.gz
+sha256  dde3f3ed8d00c72631bc19cbfff8ad3b6215062a5eed402381ad365f82f0c18c  Pillow-8.3.2.tar.gz
+
 # Locally computed sha256 checksums
-sha256 5bb11d96b393a698df70018069a986248021f286344c437a13f299c3daf1dfd4  LICENSE
+sha256  5bb11d96b393a698df70018069a986248021f286344c437a13f299c3daf1dfd4  LICENSE
diff --git a/package/python-pillow/python-pillow.mk b/package/python-pillow/python-pillow.mk
index a55a937c111005c3ac7441b5bec4538439b48856..168c9d632c1071d090e3c49d3dc260f3e8726406 100644 (file)
--- a/package/python-pillow/python-pillow.mk
+++ b/package/python-pillow/python-pillow.mk
@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-PYTHON_PILLOW_VERSION = 8.3.1
-PYTHON_PILLOW_SITE = https://files.pythonhosted.org/packages/8f/7d/1e9c2d8989c209edfd10f878da1af956059a1caab498e5bc34fa11b83f71
+PYTHON_PILLOW_VERSION = 8.3.2
+PYTHON_PILLOW_SITE = https://files.pythonhosted.org/packages/90/d4/a7c9b6c5d176654aa3dbccbfd0be4fd3a263355dc24122a5f1937bdc2689
 PYTHON_PILLOW_SOURCE = Pillow-$(PYTHON_PILLOW_VERSION).tar.gz
 PYTHON_PILLOW_LICENSE = HPND
 PYTHON_PILLOW_LICENSE_FILES = LICENSE