meta-openembedded

MIRRORS/meta-openembedded

Fork 0

mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-01-27 12:01:38 +01:00

Commit Graph

Author	SHA1	Message	Date
Rahul Janani Pandi	717462f811	python3-pillow: Fix CVE-2023-50447 Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter). References: https://security-tracker.debian.org/tracker/CVE-2023-50447 https://github.com/python-pillow/Pillow/blob/10.2.0/CHANGES.rst Signed-off-by: Rahul Janani Pandi <RahulJanani.Pandi@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>	2024-04-28 13:10:23 -04:00

Author

SHA1

Message

Date

Rahul Janani Pandi

717462f811

python3-pillow: Fix CVE-2023-50447

Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code
Execution via the environment parameter, a different vulnerability
than CVE-2022-22817 (which was about the expression parameter).

References:
https://security-tracker.debian.org/tracker/CVE-2023-50447
https://github.com/python-pillow/Pillow/blob/10.2.0/CHANGES.rst

Signed-off-by: Rahul Janani Pandi <RahulJanani.Pandi@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>

2024-04-28 13:10:23 -04:00

1 Commits