Wed May 18 11:23:52 2022 UTC ()
py-Pillow: updated to 9.1.1

9.1.1
- When reading past the end of a TGA scan line, reduce bytes left. CVE-2022-30595
- Do not open images with zero or negative height


(adam)
diff -r1.59 -r1.60 pkgsrc/graphics/py-Pillow/Makefile
diff -r1.51 -r1.52 pkgsrc/graphics/py-Pillow/distinfo
cvs diff -r1.59 -r1.60 pkgsrc/graphics/py-Pillow/Makefile (switch to unified diff)

--- pkgsrc/graphics/py-Pillow/Makefile 2022/04/26 17:50:11 1.59
+++ pkgsrc/graphics/py-Pillow/Makefile 2022/05/18 11:23:52 1.60
@@ -1,40 +1,40 @@ @@ -1,40 +1,40 @@
1# $NetBSD: Makefile,v 1.59 2022/04/26 17:50:11 adam Exp $ 1# $NetBSD: Makefile,v 1.60 2022/05/18 11:23:52 adam Exp $
2 2
3DISTNAME= Pillow-9.1.0 3DISTNAME= Pillow-9.1.1
4PKGNAME= ${PYPKGPREFIX}-${DISTNAME} 4PKGNAME= ${PYPKGPREFIX}-${DISTNAME}
5CATEGORIES= graphics python 5CATEGORIES= graphics python
6MASTER_SITES= ${MASTER_SITE_PYPI:=P/Pillow/} 6MASTER_SITES= ${MASTER_SITE_PYPI:=P/Pillow/}
7 7
8MAINTAINER= pkgsrc-users@NetBSD.org 8MAINTAINER= pkgsrc-users@NetBSD.org
9HOMEPAGE= https://python-pillow.org/ 9HOMEPAGE= https://python-pillow.org/
10COMMENT= Python Imaging Library (Fork) 10COMMENT= Python Imaging Library (Fork)
11LICENSE= hpnd 11LICENSE= hpnd
12 12
13USE_TOOLS+= pkg-config 13USE_TOOLS+= pkg-config
14 14
15CONFLICTS+= ${PYPKGPREFIX}-imaging-[0-9]* 15CONFLICTS+= ${PYPKGPREFIX}-imaging-[0-9]*
16 16
17DEPENDS+= ${PYPKGPREFIX}-olefile-[0-9]*:../../devel/py-olefile 17DEPENDS+= ${PYPKGPREFIX}-olefile-[0-9]*:../../devel/py-olefile
18BUILD_DEPENDS+= ${PYPKGPREFIX}-test-runner-[0-9]*:../../devel/py-test-runner 18BUILD_DEPENDS+= ${PYPKGPREFIX}-test-runner-[0-9]*:../../devel/py-test-runner
19TEST_DEPENDS+= netpbm-[0-9]*:../../graphics/netpbm 19TEST_DEPENDS+= netpbm-[0-9]*:../../graphics/netpbm
20 20
21PYTHON_VERSIONS_INCOMPATIBLE= 27 21PYTHON_VERSIONS_INCOMPATIBLE= 27
22 22
23PYSETUPBUILDTARGET= build_ext 23PYSETUPBUILDTARGET= build_ext
24PYSETUPBUILDARGS+= --disable-xcb 24PYSETUPBUILDARGS+= --disable-xcb
25 25
26DISTUTILS_BUILDDIR_IN_TEST_ENV= yes 26DISTUTILS_BUILDDIR_IN_TEST_ENV= yes
27 27
28do-test: 28do-test:
29 cd ${WRKSRC} && ${SETENV} ${TEST_ENV} ${PYTHONBIN} selftest.py 29 cd ${WRKSRC} && ${SETENV} ${TEST_ENV} ${PYTHONBIN} selftest.py
30 30
31.include "../../devel/zlib/buildlink3.mk" 31.include "../../devel/zlib/buildlink3.mk"
32.include "../../graphics/freetype2/buildlink3.mk" 32.include "../../graphics/freetype2/buildlink3.mk"
33.include "../../graphics/lcms2/buildlink3.mk" 33.include "../../graphics/lcms2/buildlink3.mk"
34.include "../../graphics/libimagequant/buildlink3.mk" 34.include "../../graphics/libimagequant/buildlink3.mk"
35.include "../../graphics/libwebp/buildlink3.mk" 35.include "../../graphics/libwebp/buildlink3.mk"
36.include "../../graphics/openjpeg/buildlink3.mk" 36.include "../../graphics/openjpeg/buildlink3.mk"
37.include "../../graphics/tiff/buildlink3.mk" 37.include "../../graphics/tiff/buildlink3.mk"
38.include "../../lang/python/egg.mk" 38.include "../../lang/python/egg.mk"
39.include "../../mk/jpeg.buildlink3.mk" 39.include "../../mk/jpeg.buildlink3.mk"
40.include "../../mk/bsd.pkg.mk" 40.include "../../mk/bsd.pkg.mk"
cvs diff -r1.51 -r1.52 pkgsrc/graphics/py-Pillow/distinfo (switch to unified diff)

--- pkgsrc/graphics/py-Pillow/distinfo 2022/04/26 17:50:11 1.51
+++ pkgsrc/graphics/py-Pillow/distinfo 2022/05/18 11:23:52 1.52
@@ -1,6 +1,6 @@ @@ -1,6 +1,6 @@
1$NetBSD: distinfo,v 1.51 2022/04/26 17:50:11 adam Exp $ 1$NetBSD: distinfo,v 1.52 2022/05/18 11:23:52 adam Exp $
2 2
3BLAKE2s (Pillow-9.1.0.tar.gz) = e0e620d6da2b9d5d93d94b8ccb86c0b4c693ba30fe7b2ffa47a18b70c937e726 3BLAKE2s (Pillow-9.1.1.tar.gz) = 059adde5122af2dd1afb0b9716b62b9a39e6ffdf7582a88341f1dae63d5fa377
4SHA512 (Pillow-9.1.0.tar.gz) = 89c22f01959e3e558e79568f4cff618c6592a730aea3d28d276acd1bbeada6e1409a471db50cad3b31dbc64413d3b2a71a9e8ce953afda9b290c9bda6cea23de 4SHA512 (Pillow-9.1.1.tar.gz) = 5fbb94cb3046c002e996f61bfbfaca0b30e9e068aa7ab13083cd2ff8c3e9cc18c5aab04ecc3de5a83eb985186f90dacbd42bad1905b0e89f0e34238af54b304e
5Size (Pillow-9.1.0.tar.gz) = 49760285 bytes 5Size (Pillow-9.1.1.tar.gz) = 49764564 bytes
6SHA1 (patch-setup.py) = 11d48f7a21088eeb304fb88571d6c0f6eccffdb6 6SHA1 (patch-setup.py) = 11d48f7a21088eeb304fb88571d6c0f6eccffdb6