Sun Mar 6 09:34:46 2016 UTC ()
Changes 3.1.1
- Fixed an integer overflow in Resample.c causing writes in the Python heap.
- Fixed a buffer overflow in PcdDecode.c causing a segfault when opening PhotoCD files. CVE-2016-TBD
- Fixed a buffer overflow in FliDecode.c causing a segfault when opening FLI files. CVE-2016-0775
- Fixed a buffer overflow in TiffDecode.c causing an arbitrary amount of memory to be overwritten when opening a specially crafted invalid TIFF file. CVE-2016-0740


(adam)
diff -r1.22 -r1.23 pkgsrc/graphics/py-Pillow/Makefile
diff -r1.16 -r1.17 pkgsrc/graphics/py-Pillow/distinfo
cvs diff -r1.22 -r1.23 pkgsrc/graphics/py-Pillow/Makefile (expand / switch to unified diff)

--- pkgsrc/graphics/py-Pillow/Makefile 2016/01/30 18:45:32 1.22
+++ pkgsrc/graphics/py-Pillow/Makefile 2016/03/06 09:34:46 1.23
@@ -1,16 +1,16 @@ @@ -1,16 +1,16 @@
1# $NetBSD: Makefile,v 1.22 2016/01/30 18:45:32 adam Exp $ 1# $NetBSD: Makefile,v 1.23 2016/03/06 09:34:46 adam Exp $
2 2
3DISTNAME= Pillow-3.1.0 3DISTNAME= Pillow-3.1.1
4PKGNAME= ${PYPKGPREFIX}-${DISTNAME} 4PKGNAME= ${PYPKGPREFIX}-${DISTNAME}
5CATEGORIES= graphics python 5CATEGORIES= graphics python
6MASTER_SITES= ${MASTER_SITE_PYPI:=P/Pillow/} 6MASTER_SITES= ${MASTER_SITE_PYPI:=P/Pillow/}
7 7
8MAINTAINER= pkgsrc-users@NetBSD.org 8MAINTAINER= pkgsrc-users@NetBSD.org
9HOMEPAGE= http://python-pillow.github.io/ 9HOMEPAGE= http://python-pillow.github.io/
10COMMENT= Python Imaging Library (Fork) 10COMMENT= Python Imaging Library (Fork)
11 11
12CONFLICTS+= ${PYPKGPREFIX}-imaging-[0-9]* 12CONFLICTS+= ${PYPKGPREFIX}-imaging-[0-9]*
13 13
14SUBST_CLASSES+= fix-path 14SUBST_CLASSES+= fix-path
15SUBST_MESSAGE.fix-path= Fixing paths. 15SUBST_MESSAGE.fix-path= Fixing paths.
16SUBST_STAGE.fix-path= pre-configure 16SUBST_STAGE.fix-path= pre-configure
cvs diff -r1.16 -r1.17 pkgsrc/graphics/py-Pillow/distinfo (expand / switch to unified diff)

--- pkgsrc/graphics/py-Pillow/distinfo 2016/01/30 18:45:32 1.16
+++ pkgsrc/graphics/py-Pillow/distinfo 2016/03/06 09:34:46 1.17
@@ -1,7 +1,7 @@ @@ -1,7 +1,7 @@
1$NetBSD: distinfo,v 1.16 2016/01/30 18:45:32 adam Exp $ 1$NetBSD: distinfo,v 1.17 2016/03/06 09:34:46 adam Exp $
2 2
3SHA1 (Pillow-3.1.0.tar.gz) = 9be5048fea909622f1fbdadc7e701fa35f410f78 3SHA1 (Pillow-3.1.1.tar.gz) = 71d8dc1dd38ba2582f7cca8b5ce70af03d19db23
4RMD160 (Pillow-3.1.0.tar.gz) = d44e79349ceb4858052edfb44493363859b5ee6f 4RMD160 (Pillow-3.1.1.tar.gz) = 4825d86f16fd073583e19eaef473af83340d4c06
5SHA512 (Pillow-3.1.0.tar.gz) = 15715e014cbb7cf8581480ca44319202075a2faef86d0a4318ade7b44f0d88a56bbc1a2a92c0fca7c14ae6402ce590457dab7302230a729a56e0342d311e6c76 5SHA512 (Pillow-3.1.1.tar.gz) = 722dbd4910891776116352bcd5533f1a770272ab8652fded69cec58df5ab60552fc16cf777b59f7c18a429dd3eb5c5f3a144aa4f99c9822707ab91169f1e1d7c
6Size (Pillow-3.1.0.tar.gz) = 9858361 bytes 6Size (Pillow-3.1.1.tar.gz) = 10130206 bytes
7SHA1 (patch-setup.py) = c4a3eae74db27f58a6d2c52114b3be13daf4207a 7SHA1 (patch-setup.py) = c4a3eae74db27f58a6d2c52114b3be13daf4207a