Revisions of python-Pillow
Gayane Osipyan (gosipyan)
accepted
request 1142579
from
Gayane Osipyan (gosipyan)
(revision 10)
- Add CVE-2023-44271.patch to fix uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument bsc#1216894, CVE-2023-44271
Gayane Osipyan (gosipyan)
accepted
request 1140839
from
Darragh O'Reilly (doreilly)
(revision 9)
- Add 031-CVE-2023-50447.patch * From upstream, backported * Fixes CVE-2023-50447, bsc#1219048
Jan Zerebecki (jzerebecki)
accepted
request 975059
from
Gayane Osipyan (gosipyan)
(revision 8)
- Add 030-CVE-2022-22817.patch - Add 028-CVE-2022-22815.patch - Add 029-CVE-2022-22816.patch - Add 027-CVE-2021-23437.patch * From upstream, backported * Fixes CVE-2021-23437, bsc#1190229 - Add 026-CVE-2021-34552.patch * From upstream, backported * Fixes CVE-2021-34552, bsc#1188574
Guang Yee (yeey)
accepted
request 969572
from
Meera Belur (mbelur)
(revision 7)
- Add 028-CVE-2022-22817.patch * From upstream, backported * Fixes CVE-2022-22817, bsc#1194521 * test from upstream updated for python2
Jan Zerebecki (jzerebecki)
accepted
request 967161
from
Meera Belur (mbelur)
(revision 6)
- Add 026-CVE-2022-22815.patch * From upstream, backported * Fixes CVE-2022-22815, bsc#1194552 - Add 027-CVE-2022-22816.patch * From upstream, backported * Fixes CVE-2022-22816, bsc#1194551
Johannes Grassler (jgrassler)
accepted
request 899425
from
Jacek Tomasiak (jtomasiak)
(revision 5)
- Add 020-CVE-2020-35653.patch * From upstream, backported * Fixes CVE-2020-35653, bsc#1180834 - Add 021-CVE-2021-25287+8.patch * From upstream, backported * Fixes CVE-2021-25287, CVE-2021-25288, bsc#1185805, bsc#1185803 - Add 022-CVE-2021-28675.patch * From upstream, backported * Fixes CVE-2021-28675, bsc#1185804 - Add 023-CVE-2021-28678.patch * From upstream, backported * Fixes CVE-2021-28678, bsc#1185784 - Add 024-CVE-2021-28677.patch * From upstream, backported * Fixes CVE-2021-28677, bsc#1185785 - Add 025-CVE-2021-28676.patch * From upstream, backported * Fixes CVE-2021-28676, bsc#1185786 - Add 014-Tests-for-tiff-crashes.patch * From upstream, backported * Base change for later CVE test cases + on_ci() helper - Add 015-Fix-for-SGI-Decode-buffer-overrun.patch * From upstream, backported * Fixes CVE-2020-35655, bsc#1180832 - Add 016-Fix-OOB-read-in-SgiRleDecode.patch * From upstream, backported * CVE-2021-25293, bsc#1183102 - Add 017-Fix-negative-size-read-in-TiffDecode.patch * From upstream, backported
Johannes Grassler (jgrassler)
accepted
request 818059
from
Jacek Tomasiak (jtomasiak)
(revision 4)
- Add 010-Fix-OOB-reads-in-FLI-decoding.patch * From upstream, backported * Fixes CVE-2020-10177, bsc#1173413 - Add 011-Fix-buffer-overflow-in-SGI-RLE-decoding.patch * From upstream, backported * Fixes CVE-2020-11538, bsc#1173420 - Add 012-Fix-bounds-overflow-in-JPEG-2000-decoding.patch * From upstream, backported * Fixes CVE-2020-10994, bsc#1173418 - Add 013-Fix-bounds-overflow-in-PCX-decoding.patch * From upstream, backported * Fixes CVE-2020-10378, bsc#1173416
Johannes Grassler (jgrassler)
accepted
request 816080
from
Jacek Tomasiak (jtomasiak)
(revision 3)
- Remove decompression_bomb.gif and relevant test case to avoid ClamAV scan alerts during build
Johannes Grassler (jgrassler)
accepted
request 811228
from
Jacek Tomasiak (jtomasiak)
(revision 2)
- Add 001-Corrected-negative-seeks.patch * From upstream, backported * Fixes part of CVE-2019-16865, bsc#1153191 - Add 002-Added-decompression-bomb-checks.patch * From upstream, backported * Fixes part of CVE-2019-16865, bsc#1153191 - Add 003-Raise-error-if-dimension-is-a-string.patch * From upstream, backported * Fixes part of CVE-2019-16865, bsc#1153191 - Add 004-Catch-buffer-overruns.patch * From upstream, backported * Fixes part of CVE-2019-16865, bsc#1153191 - Add 005-Catch-PCX-P-mode-buffer-overrun.patch * From upstream, backported * Fixes CVE-2020-5312, bsc#1160152 - Add 006-Catch-SGI-buffer-overruns.patch * From upstream, backported * Fixes CVE-2020-5311, bsc#1160151 - Add 007-Ensure-previous-FLI-frame-is-loaded.patch * From upstream, backported * Fixes https://github.com/python-pillow/Pillow/issues/2649 * Uncovers CVE-2020-5313, bsc#1160153 - Add 008-Catch-FLI-buffer-overrun.patch * From upstream, backported * Fixes CVE-2020-5313, bsc#1160153 - Add 009-Invalid-number-of-bands-in-FPX-image.patch * From upstream, backported * Fixes CVE-2019-19911, bsc#1160192
Johannes Grassler (jgrassler)
committed
(revision 1)
osc copypac from project:Cloud:OpenStack:Master package:python-Pillow revision:1, using expand
Displaying all 10 revisions