author | Kevin Daudt <kdaudt@alpinelinux.org> | 2021-11-21 18:01:48 +0000 |
---|---|---|
committer | Kevin Daudt <kdaudt@alpinelinux.org> | 2021-11-21 18:18:14 +0000 |
commit | 9bc71a8b04772cd6c51db055f218f9f6624d30f9 (patch) | |
tree | 4f065a58fb9ffd43096a4c00dd3ca0315480fc8f | |
parent | a72c6d348161b1ac8a1a6edabf0546c3f1abe673 (diff) |
main/py3-pillow: mitigate CVE-2021-23437
See: #13051
-rw-r--r-- | main/py3-pillow/APKBUILD | 12 | ||||
-rw-r--r-- | main/py3-pillow/cve-2021-23437.patch | 40 |
2 files changed, 49 insertions, 3 deletions
diff --git a/main/py3-pillow/APKBUILD b/main/py3-pillow/APKBUILD
index e5874205bcc..a9b988728e6 100644
--- a/main/py3-pillow/APKBUILD
+++ b/main/py3-pillow/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: Fabian Affolter <fabian@affolter-engineering.ch>
 pkgname=py3-pillow
 pkgver=7.1.2
-pkgrel=1
+pkgrel=2
 pkgdesc="Python Imaging Library"
 options="!check"
 url="https://python-pillow.org/"
@@ -15,6 +15,7 @@ makedepends="python3-dev py3-setuptools freetype-dev
 checkdepends="py3-pytest py3-numpy"
 source="https://files.pythonhosted.org/packages/source/P/Pillow/Pillow-$pkgver.tar.gz
 CVE-2020-35655.patch
+ cve-2021-23437.patch
 "
 builddir="$srcdir/Pillow-$pkgver"
 
@@ -22,6 +23,8 @@ provides="py-pillow=$pkgver-r$pkgrel" # backwards compatibility
 replaces="py-pillow" # backwards compatiblity
 
 # secfixes:
+# 7.1.2-r2:
+# - CVE-2021-23437
 # 7.1.2-r1:
 # - CVE-2020-35655
 # 6.2.2-r0:
@@ -46,5 +49,8 @@ package() {
 python3 setup.py install --prefix=/usr --root="$pkgdir"
 }
 
-sha512sums="75d88c5c967d600b84caf9af62eeda6f235fb1357ba7ca47656be6d48018f2df6f2442df2d2ea50d4cc0955f55dce05c2e2676f9b4bca5aa72bfda61e407dd97 Pillow-7.1.2.tar.gz
-89984ca666bafc356ba8af50a3f96dc84965b882577f488c10550558a316982c52378bf52ec24b5ed53a4f8b1019e9e5e03bbff6e32c4009ea8ef71093f33f18 CVE-2020-35655.patch"
+sha512sums="
+75d88c5c967d600b84caf9af62eeda6f235fb1357ba7ca47656be6d48018f2df6f2442df2d2ea50d4cc0955f55dce05c2e2676f9b4bca5aa72bfda61e407dd97 Pillow-7.1.2.tar.gz
+89984ca666bafc356ba8af50a3f96dc84965b882577f488c10550558a316982c52378bf52ec24b5ed53a4f8b1019e9e5e03bbff6e32c4009ea8ef71093f33f18 CVE-2020-35655.patch
+0c991bf55bd2b73e1f5539f8c2110c47ef48029ff1a91710384d1612903850b1bbedeacef90359e738a02faacffd2e3a1d48d14a800681cd04f0f98c453b609b cve-2021-23437.patch
+"
diff --git a/main/py3-pillow/cve-2021-23437.patch b/main/py3-pillow/cve-2021-23437.patch
new file mode 100644
index 00000000000..9933ed8ceda
--- /dev/null
+++ b/main/py3-pillow/cve-2021-23437.patch
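Review bot: `options="!check"` stays set in the first hunk, so the `test_color_too_long` regression test that the new patch ships is never executed during the package build and the CVE mitigation is not exercised at build time. If the full Pillow suite cannot run in the build environment, a comment next to `options` stating why (e.g. `# !check: <reason the suite is disabled>`) would tell the next maintainer whether a targeted `pytest Tests/test_imagecolor.py` in a `check()` function is feasible. Separately, the new patch is named `cve-2021-23437.patch` while the existing one is `CVE-2020-35655.patch`; settling on one case convention keeps the `source=` list and the secfixes block easy to scan.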
@@ -0,0 +1,40 @@
+From 1dc6564eb7ee8f28fb16eeffaf3572f3e1d5aa29 Mon Sep 17 00:00:00 2001
+From: Hugo van Kemenade <hugovk@users.noreply.github.com>
+Date: Mon, 23 Aug 2021 19:10:49 +0300
+Subject: [PATCH] Raise ValueError if color specifier is too long
+
+---
+ Tests/test_imagecolor.py | 9 +++++++++
+ src/PIL/ImageColor.py | 2 ++
+ 2 files changed, 11 insertions(+)
+
+diff --git a/Tests/test_imagecolor.py b/Tests/test_imagecolor.py
+index b5d69379655..dbe8b9e957b 100644
+--- a/Tests/test_imagecolor.py
++++ b/Tests/test_imagecolor.py
+@@ -191,3 +191,12 @@ def test_rounding_errors():
+ assert (255, 255) == ImageColor.getcolor("white", "LA")
+ assert (163, 33) == ImageColor.getcolor("rgba(0, 255, 115, 33)", "LA")
+ Image.new("LA", (1, 1), "white")
++
++
++def test_color_too_long():
++ # Arrange
++ color_too_long = "hsl(" + "1" * 100 + ")"
++
++ # Act / Assert
++ with pytest.raises(ValueError):
++ ImageColor.getrgb(color_too_long)
+diff --git a/src/PIL/ImageColor.py b/src/PIL/ImageColor.py
+index 51df4404039..25f92f2c732 100644
+--- a/src/PIL/ImageColor.py
++++ b/src/PIL/ImageColor.py
+@@ -32,6 +32,8 @@ def getrgb(color):
+ :param color: A color string
+ :return: ``(red, green, blue[, alpha])``
+ """
++ if len(color) > 100:
++ raise ValueError("color specifier is too long")
+ color = color.lower()
+ 
+ rgb = colormap.get(color, None) |
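Review bot: The new guard in getrgb hard-codes `100` with no comment saying what the limit bounds, so a later maintainer cannot tell whether it is a security bound that must not be raised or an arbitrary choice; the patch subject only says the specifier is "too long". A one-line comment above the check, e.g. `# Reject oversized specifiers before they reach the parsing below (CVE-2021-23437); the bound is a mitigation, not a format limit`, and a named module constant in place of the literal would make that explicit, and the limit's relation to whatever parsing follows should be confirmed against the code outside this hunk. Note the check runs `len(color)` before `color.lower()`, so a non-str argument now fails with TypeError rather than the AttributeError it presumably raised before, which matters only if callers catch a specific exception. The regression test exercises only the `hsl(` form; a second case with `rgb(` would show the cap is independent of the prefix. getrgb's body continues past the end of the hunk.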