HomeFreeBSD
Diffusion FreeBSD ports repository rP408783

MFH: r408782 graphics/py-pillow: Backport security fixes
rP408783
Actions

Description

MFH: r408782 graphics/py-pillow: Backport security fixes

Backport security fixes from 3.1.1 release, resolving the following
vulnerabilities:

  • CVE-2016-0775: Buffer overflow in FLI decoding code
  • CVE-2016-0740: Buffer overflow in TIFF decoding code
  • Integer overflow in Resample.c [1]
  • Buffer overflow in PCD decoder [2]

[1] https://github.com/python-pillow/Pillow/issues/1710
[2] https://github.com/python-pillow/Pillow/issues/568

PR: 207053
Submitted by: rakuco
Security: a8de962a-cf15-11e5-805c-5453ed2e2b49

Approved by: ports-secteam (security)

Details

Provenance
koobsAuthored on
Parents
rP408782: graphics/py-pillow: Backport security fixes
Branches
Unknown
Tags
Unknown

Changes (7)

PathSize
branches/
2016Q1/
graphics/
py-pillow/
branches/
2016Q1/
graphics/
py-pillow/
files/
head/
graphics/
py-pillow/
files/

rP408783

View Options

branches/2016Q1/

Loading...
View Options

branches/2016Q1/graphics/py-pillow/Makefile

Loading...
View Options

branches/2016Q1/graphics/py-pillow/files/

Loading...
View Options

branches/2016Q1/graphics/py-pillow/files/patch-CVE-2016-0740

Loading...
View Options

branches/2016Q1/graphics/py-pillow/files/patch-CVE-2016-0775

Loading...
View Options

branches/2016Q1/graphics/py-pillow/files/patch-libImaging-PcdDecode.c

Loading...
View Options

branches/2016Q1/graphics/py-pillow/files/patch-libImaging-Resample.c

Loading...