Revisions of python-Pillow
Oliver Kurz (okurz)
accepted
request 882938
from
Arun Persaud (apersaud)
(revision 115)
update to latest version
buildservice-autocommit
accepted
request 877608
from
Dirk Mueller (dirkmueller)
(revision 114)
baserev update by copy to link target
Dirk Mueller (dirkmueller)
committed
(revision 113)
- update to 8.1.2: - Fix Memory DOS in BLP (CVE-2021-27921), ICNS (CVE-2021-27922) and ICO (CVE-2021-27923) Image Plugins
Dirk Mueller (dirkmueller)
committed
(revision 112)
- Fix rpmlint warning about duplicate file definition - Fix package build by relying on %python_subpackages for Obsoletes/Conflicts (bsc#1181281)
Oliver Kurz (okurz)
accepted
request 876407
from
Adrian Schröter (adrianSuSE)
(revision 111)
- Update to 8.1.1 Security * CVE-2021-25289: The previous fix for CVE-2020-35654 was insufficent due to incorrect error checking in TiffDecode.c. * CVE-2021-25290: In TiffDecode.c, there is a negative-offset memcpy with an invalid size * CVE-2021-25291: In TiffDecode.c, invalid tile boundaries could lead to an OOB Read in TiffReadRGBATile * CVE-2021-25292: The PDF parser has a catastrophic backtracking regex that could be used as a DOS attack. * CVE-2021-25293: There is an Out of Bounds Read in SGIRleDecode.c, since pillow 4.3.0. There is an Exhaustion of Memory DOS in the ICNS, ICO, and BLP container formats where Pillow did not properly check the reported size of the contained image. These images could cause arbitrariliy large memory allocations. This was reported by Jiayi Lin, Luke Shaffer, Xinran Xie, and Akshay Ajayan of ASU.edu. Other Changes A crash with the feature flags for LibJpeg and Webp on unreleased Python 3.10 has been fixed
buildservice-autocommit
accepted
request 867671
from
Markéta Machová (mcalabkova)
(revision 110)
baserev update by copy to link target
Markéta Machová (mcalabkova)
accepted
request 867517
from
Oliver Kurz (okurz)
(revision 109)
Fix package build by relying on %python_subpackages for Obsoletes/Conflicts (bsc#1181281)
Dirk Mueller (dirkmueller)
committed
(revision 108)
- update to 8.1.0 (bsc#1180833, bsc#1180834, bsc#1180832): * Fix TIFF OOB Write error. CVE-2020-35654 * Fix for Read Overflow in PCX Decoding. CVE-2020-35653 * Fix for SGI Decode buffer overrun. CVE-2020-35655 * Fix OOB Read when saving GIF of xsize=1 * Makefile updates * Add support for PySide6 * Use disposal settings from previous frame in APNG * Added exception explaining that _repr_png_ saves to PNG * Use previous disposal method in GIF load_end * Allow putpalette to accept 1024 integers to include alpha values * Fix OOB Read when writing TIFF with custom Metadata * Added append_images support for ICO * Block TIFFTAG_SUBIFD * Fixed dereferencing potential null pointers * Deprecate FreeType 2.7 * Moved warning to end of execution * Removed unused fromstring and tostring C methods * init() if one of the formats is unrecognised * Moved string_dimension CVE image to pillow-depends * Support raw rgba8888 for DDS - drop patches python-Pillow-tiff-4.2.0.patch python-Pillow-tiff-fix-oob-read.patch (upstream)
buildservice-autocommit
accepted
request 859431
from
Matej Cepl (mcepl)
(revision 107)
baserev update by copy to link target
Matej Cepl (mcepl)
accepted
request 859409
from
Petr Gajdos (pgajdos)
(revision 106)
- fix build with libtiff 4.2.0 - added patches fix https://github.com/python-pillow/Pillow/pull/5153 + python-Pillow-tiff-4.2.0.patch fix https://github.com/python-pillow/Pillow/commit/416f12e772d2b3cb920b18b3625e8b1419d7519e + python-Pillow-tiff-fix-oob-read.patch
buildservice-autocommit
accepted
request 848972
from
Matej Cepl (mcepl)
(revision 105)
baserev update by copy to link target
Matej Cepl (mcepl)
accepted
request 848744
from
Arun Persaud (apersaud)
(revision 104)
update to latest version
buildservice-autocommit
accepted
request 846884
from
Matej Cepl (mcepl)
(revision 103)
baserev update by copy to link target
Matej Cepl (mcepl)
accepted
request 846840
from
Callum Farmer (gmbr3)
(revision 102)
- Fix build with RPM 4.16: error: bare words are no longer supported, please use "...": no == yes.
buildservice-autocommit
accepted
request 827807
from
Tomáš Chvátal (scarabeus_iv)
(revision 101)
baserev update by copy to link target
Tomáš Chvátal (scarabeus_iv)
committed
(revision 100)
- Fix build on leap and do not pull in the pytest-runner
buildservice-autocommit
accepted
request 824544
from
Matej Cepl (mcepl)
(revision 99)
baserev update by copy to link target
Matej Cepl (mcepl)
committed
(revision 98)
- Remove dependency on pytest-runner as it is unnecessary
buildservice-autocommit
accepted
request 820507
from
Tomáš Chvátal (scarabeus_iv)
(revision 97)
baserev update by copy to link target
Tomáš Chvátal (scarabeus_iv)
accepted
request 820450
from
Arun Persaud (apersaud)
(revision 96)
update to latest version
Displaying revisions 41 - 60 of 155