MIRRORS/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-01-27 12:01:38 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
376f3a1aba
meta-openembedded/meta-python/recipes-devtools/python/python3-pillow
History
Rahul Janani Pandi 717462f811 python3-pillow: Fix CVE-2023-50447 
Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code
Execution via the environment parameter, a different vulnerability
than CVE-2022-22817 (which was about the expression parameter).

References:
https://security-tracker.debian.org/tracker/CVE-2023-50447
https://github.com/python-pillow/Pillow/blob/10.2.0/CHANGES.rst

Signed-off-by: Rahul Janani Pandi <RahulJanani.Pandi@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2024-04-28 13:10:23 -04:00
..
0001-explicitly-set-compile-options.patch python3-pillow: Upgrade 6.2.1 -> 7.2.0 2020-09-02 08:55:52 -07:00
0001-support-cross-compiling.patch python3-pillow: Upgrade 7.2.0 -> 8.1.0 2021-01-12 09:16:03 -08:00
CVE-2023-44271.patch python3-pillow: Fix CVE-2023-44271 2024-01-12 07:14:16 -05:00
CVE-2023-50447-1.patch python3-pillow: Fix CVE-2023-50447 2024-04-28 13:10:23 -04:00
CVE-2023-50447-2.patch python3-pillow: Fix CVE-2023-50447 2024-04-28 13:10:23 -04:00
CVE-2023-50447-3.patch python3-pillow: Fix CVE-2023-50447 2024-04-28 13:10:23 -04:00
CVE-2023-50447-4.patch python3-pillow: Fix CVE-2023-50447 2024-04-28 13:10:23 -04:00
run-ptest python3-pillow: add ptest support 2023-02-06 10:20:34 -05:00