Re: [oe] [meta-python] [PATCH] python3-pillow: upgrade 8.3.1 -> 8.3.2

2021-09-09 Thread Khem Raj
On 9/9/21 2:56 PM, zangrc wrote: 8.3.2 (2021-09-02) -- - CVE-2021-23437 Raise ValueError if color specifier is too long [hugovk, radarhere] - Fix 6-byte OOB read in FliDecode [wiredfool] - Add support for Python 3.10 #5569, #5570 [hugovk, radarhere] - Ensure TIFF ``Rows

[oe] [meta-python] [PATCH] python3-pillow: upgrade 8.3.1 -> 8.3.2

2021-09-09 Thread zangrc
8.3.2 (2021-09-02) -- - CVE-2021-23437 Raise ValueError if color specifier is too long [hugovk, radarhere] - Fix 6-byte OOB read in FliDecode [wiredfool] - Add support for Python 3.10 #5569, #5570 [hugovk, radarhere] - Ensure TIFF ``RowsPerStrip`` is multiple of 8 for JPEG com

[oe] [meta-python][PATCH] python3-pillow: upgrade 8.3.1 -> 8.3.2

2021-09-08 Thread Trevor Gamblin
From the release notes: - CVE-2021-23437: Avoid a potential ReDoS (regular expression denial of service) in ImageColor’s getrgb() by raising ValueError if the color specifier is too long. Present since Pillow 5.2.0. - Fix 6-byte out-of-bounds (OOB) read. The previous bounds check in FliDecode.c i