HomeFreeBSD

MFH: r408782 graphics/py-pillow: Backport security fixes

Description

MFH: r408782 graphics/py-pillow: Backport security fixes

Backport security fixes from 3.1.1 release, resolving the following
vulnerabilities:

  • CVE-2016-0775: Buffer overflow in FLI decoding code
  • CVE-2016-0740: Buffer overflow in TIFF decoding code
  • Integer overflow in Resample.c [1]
  • Buffer overflow in PCD decoder [2]

[1] https://github.com/python-pillow/Pillow/issues/1710
[2] https://github.com/python-pillow/Pillow/issues/568

PR: 207053
Submitted by: rakuco
Security: a8de962a-cf15-11e5-805c-5453ed2e2b49

Approved by: ports-secteam (security)

Details

Provenance
koobsAuthored on
Parents
rP408782: graphics/py-pillow: Backport security fixes
Branches
Unknown
Tags
Unknown