package/python-pillow: security bumo to version 10.3.0
In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy. Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
parent
32753c6f9d
commit
dfaa34ddd3
@ -1,6 +1,6 @@
|
||||
# md5, sha256 from https://pypi.org/pypi/pillow/json
|
||||
md5 13de96f9f98bc1c26439d64576a48ac6 pillow-10.2.0.tar.gz
|
||||
sha256 e87f0b2c78157e12d7686b27d63c070fd65d994e8ddae6f328e0dcf4a0cd007e pillow-10.2.0.tar.gz
|
||||
# md5, sha256 https://pypi.org/project/pillow/10.3.0/#copy-hash-modal-125abe0d-59be-40cd-89a3-3e2f78136be0
|
||||
md5 6c21a12849ae42f93881f614d8f6f651 pillow-10.3.0.tar.gz
|
||||
sha256 9d2455fbf44c914840c793e89aa82d0e1763a14253a000743719ae5946814b2d pillow-10.3.0.tar.gz
|
||||
|
||||
# Locally computed sha256 checksums
|
||||
sha256 e706384c6f299d1b6fa782ae657740b372b4bd7938a1a318bf94ac249114758a LICENSE
|
||||
|
@ -4,8 +4,8 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
PYTHON_PILLOW_VERSION = 10.2.0
|
||||
PYTHON_PILLOW_SITE = https://files.pythonhosted.org/packages/f8/3e/32cbd0129a28686621434cbf17bb64bf1458bfb838f1f668262fefce145c
|
||||
PYTHON_PILLOW_VERSION = 10.3.0
|
||||
PYTHON_PILLOW_SITE = https://files.pythonhosted.org/packages/ef/43/c50c17c5f7d438e836c169e343695534c38c77f60e7c90389bd77981bc21
|
||||
PYTHON_PILLOW_SOURCE = pillow-$(PYTHON_PILLOW_VERSION).tar.gz
|
||||
PYTHON_PILLOW_LICENSE = HPND
|
||||
PYTHON_PILLOW_LICENSE_FILES = LICENSE
|
||||
|
Loading…
Reference in New Issue
Block a user