From b462ecac0cc75c5df88dbaab6bc2a49ce0750863456035b77ac052ffe9f8db33 Mon Sep 17 00:00:00 2001 From: Jan Matejek Date: Tue, 1 Mar 2016 13:05:57 +0000 Subject: [PATCH 1/3] Accepting request 362918 from home:stroeder:branches:devel:languages:python update to version 3.1.1 with security fixes OBS-URL: https://build.opensuse.org/request/show/362918 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=45 --- Pillow-3.1.0.tar.gz | 3 --- Pillow-3.1.1.tar.gz | 3 +++ python-Pillow.changes | 13 +++++++++++++ python-Pillow.spec | 2 +- 4 files changed, 17 insertions(+), 4 deletions(-) delete mode 100644 Pillow-3.1.0.tar.gz create mode 100644 Pillow-3.1.1.tar.gz diff --git a/Pillow-3.1.0.tar.gz b/Pillow-3.1.0.tar.gz deleted file mode 100644 index a39ff0e..0000000 --- a/Pillow-3.1.0.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:e15277f0c46347af1d5686c510c80c0a4c4fa4833493e73066f7bb8c1ed1b003 -size 9858361 diff --git a/Pillow-3.1.1.tar.gz b/Pillow-3.1.1.tar.gz new file mode 100644 index 0000000..c0961e9 --- /dev/null +++ b/Pillow-3.1.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:486f4ccddee09429cb1c63ea56c02894aecf9d69acdcaf006c53835df2549fff +size 10130206 diff --git a/python-Pillow.changes b/python-Pillow.changes index efe2cc4..7a6a03f 100644 --- a/python-Pillow.changes +++ b/python-Pillow.changes @@ -1,3 +1,16 @@ +------------------------------------------------------------------- +Mon Feb 29 12:28:34 UTC 2016 - michael@stroeder.com + +- update to version 3.1.1 with security fixes: + * Fixed an integer overflow in Resample.c causing writes in the Python heap. + * Fixed a buffer overflow in PcdDecode.c causing a segfault when opening + PhotoCD files. CVE-2016-TBD + * Fixed a buffer overflow in FliDecode.c causing a segfault when opening + FLI files. CVE-2016-0775 + * Fixed a buffer overflow in TiffDecode.c causing an arbitrary amount of + memory to be overwritten when opening a specially crafted invalid TIFF + file. CVE-2016-0740 + ------------------------------------------------------------------- Mon Feb 1 11:13:20 UTC 2016 - toddrme2178@gmail.com diff --git a/python-Pillow.spec b/python-Pillow.spec index ee9b8e8..2b6354b 100644 --- a/python-Pillow.spec +++ b/python-Pillow.spec @@ -17,7 +17,7 @@ Name: python-Pillow -Version: 3.1.0 +Version: 3.1.1 Release: 0 Summary: Python Imaging Library (Fork) License: HPND From ee3a56620b09a4577172bf1250714ae9393d28ffb85496b9230503f03a39436c Mon Sep 17 00:00:00 2001 From: Jan Matejek Date: Tue, 1 Mar 2016 13:11:56 +0000 Subject: [PATCH 2/3] add bsc identifiers OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=46 --- python-Pillow.changes | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/python-Pillow.changes b/python-Pillow.changes index 7a6a03f..a6809a6 100644 --- a/python-Pillow.changes +++ b/python-Pillow.changes @@ -6,10 +6,10 @@ Mon Feb 29 12:28:34 UTC 2016 - michael@stroeder.com * Fixed a buffer overflow in PcdDecode.c causing a segfault when opening PhotoCD files. CVE-2016-TBD * Fixed a buffer overflow in FliDecode.c causing a segfault when opening - FLI files. CVE-2016-0775 + FLI files. CVE-2016-0775 (fixes bsc#965582) * Fixed a buffer overflow in TiffDecode.c causing an arbitrary amount of memory to be overwritten when opening a specially crafted invalid TIFF - file. CVE-2016-0740 + file. CVE-2016-0740 (fixes bsc#965579) ------------------------------------------------------------------- Mon Feb 1 11:13:20 UTC 2016 - toddrme2178@gmail.com From 7d3376b8451ac0be9b6856d820f20780e7791f693c01ce8a67169d1d8dc753ec Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Wed, 2 Mar 2016 20:10:45 +0000 Subject: [PATCH 3/3] Accepting request 363815 from home:michel_mno:branches:devel:languages:python - ignore make check errors ppc64 architecture as upstream issue https://github.com/python-pillow/Pillow/issues/1204 OBS-URL: https://build.opensuse.org/request/show/363815 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=47 --- python-Pillow.changes | 6 ++++++ python-Pillow.spec | 7 +++++++ 2 files changed, 13 insertions(+) diff --git a/python-Pillow.changes b/python-Pillow.changes index a6809a6..313dd76 100644 --- a/python-Pillow.changes +++ b/python-Pillow.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Tue Mar 1 21:05:58 UTC 2016 - normand@linux.vnet.ibm.com + +- ignore make check errors ppc64 architecture as upstream issue + https://github.com/python-pillow/Pillow/issues/1204 + ------------------------------------------------------------------- Mon Feb 29 12:28:34 UTC 2016 - michael@stroeder.com diff --git a/python-Pillow.spec b/python-Pillow.spec index 2b6354b..4e3af2c 100644 --- a/python-Pillow.spec +++ b/python-Pillow.spec @@ -107,8 +107,15 @@ done echo "PIL" > %{buildroot}%{python_sitearch}/PIL.pth %check +%ifarch ppc64 +PYTHONPATH=%{buildroot}/%{python_sitearch} python selftest.py --installed || \ +echo "WARNING ignore failure https://github.com/python-pillow/Pillow/issues/1204" +PYTHONPATH=%{buildroot}/%{python_sitearch} python test-installed.py || \ +echo "WARNING ignore failure https://github.com/python-pillow/Pillow/issues/1204" +%else PYTHONPATH=%{buildroot}/%{python_sitearch} python selftest.py --installed PYTHONPATH=%{buildroot}/%{python_sitearch} python test-installed.py +%endif %post update-alternatives \