mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-01-27 12:01:38 +01:00
717462f811
Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter). References: https://security-tracker.debian.org/tracker/CVE-2023-50447 https://github.com/python-pillow/Pillow/blob/10.2.0/CHANGES.rst Signed-off-by: Rahul Janani Pandi <RahulJanani.Pandi@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
30 lines
895 B
Diff
30 lines
895 B
Diff
From 3652f431c2d8b9c10bf20b70f284d300d12e814a
|
|
From: Andrew Murray <radarhere@users.noreply.github.com>
|
|
Date: Sat Oct 28 14:22:39 2023 +1100
|
|
Subject: [PATCH] python3-pillow: Simplified code
|
|
|
|
CVE: CVE-2023-50447
|
|
|
|
Upstream-Status: Backport [https://github.com/python-pillow/Pillow/commit/3652f431c2d8b9c10bf20b70f284d300d12e814a]
|
|
|
|
Signed-off-by: Rahul Janani Pandi <RahulJanani.Pandi@windriver.com>
|
|
---
|
|
src/PIL/ImageMath.py | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/src/PIL/ImageMath.py b/src/PIL/ImageMath.py
|
|
index ac7d36b69..71872a3fb 100644
|
|
--- a/src/PIL/ImageMath.py
|
|
+++ b/src/PIL/ImageMath.py
|
|
@@ -239,7 +239,7 @@ def eval(expression, _dict={}, **kw):
|
|
args = ops.copy()
|
|
args.update(_dict)
|
|
args.update(kw)
|
|
- for k, v in list(args.items()):
|
|
+ for k, v in args.items():
|
|
if hasattr(v, "im"):
|
|
args[k] = _Operand(v)
|
|
|
|
--
|
|
2.40.0
|