diff options
| -rw-r--r-- | main/py-pillow/APKBUILD | 7 | ||||
| -rw-r--r-- | main/py-pillow/cve-2021-23437.patch | 17 |
2 files changed, 4 insertions, 20 deletions
diff --git a/main/py-pillow/APKBUILD b/main/py-pillow/APKBUILD index 67886be098d..65f674935d6 100644 --- a/main/py-pillow/APKBUILD +++ b/main/py-pillow/APKBUILD @@ -3,7 +3,7 @@ pkgname=py-pillow _pkgname=Pillow pkgver=6.2.1 -pkgrel=2 +pkgrel=1 pkgdesc="Python Imaging Library" url="https://python-pillow.org" arch="all" @@ -12,6 +12,7 @@ depends="py-olefile" makedepends="python2-dev python3-dev py-setuptools freetype-dev jpeg-dev libwebp-dev tiff-dev libpng-dev lcms2-dev libjpeg-turbo-dev zlib-dev" subpackages="py2-${pkgname#py-}:_py2 py3-${pkgname#py-}:_py3" +options="!check" # missing dependencies source="https://files.pythonhosted.org/packages/source/${_pkgname:0:1}/$_pkgname/$_pkgname-$pkgver.tar.gz py-pillow-fix-pytest-ver.patch cve-2021-23437.patch @@ -20,7 +21,7 @@ builddir="$srcdir/$_pkgname-$pkgver" [ "$CARCH" = "s390x" ] && options="!check" # secfixes: -# 6.2.1-r2: +# 6.2.1-r1: # - CVE-2021-23437 build() { @@ -64,5 +65,5 @@ _py() { sha512sums=" 757bfdab2ba418195e96e696d2d111de3b38b6bafe4f6f94012f024f59c9bc8542fdab54f643eaf7b2867a9214db806e72eecbdd636bfceb55b47d3164f643ec Pillow-6.2.1.tar.gz b33216541d7cdeb481d650b7cafeb44333244abbdab035ff5aa086c8dc9c5b2e1e9e294048f299f803d251c7a70ac4ea0a68ba28e7a9ced136287d61310708cf py-pillow-fix-pytest-ver.patch -0c991bf55bd2b73e1f5539f8c2110c47ef48029ff1a91710384d1612903850b1bbedeacef90359e738a02faacffd2e3a1d48d14a800681cd04f0f98c453b609b cve-2021-23437.patch +e603cfd1dc7eac99580871d42a0813ecd9189a2a6217b18873c6e7762736c5b93ea0933c3eb936920648b0bee6cac7a54dbff92fabeb5c7d4168ea4c2e1e1562 cve-2021-23437.patch " diff --git a/main/py-pillow/cve-2021-23437.patch b/main/py-pillow/cve-2021-23437.patch index 9933ed8ceda..0afa0f1f509 100644 --- a/main/py-pillow/cve-2021-23437.patch +++ b/main/py-pillow/cve-2021-23437.patch @@ -8,23 +8,6 @@ Subject: [PATCH] Raise ValueError if color specifier is too long src/PIL/ImageColor.py | 2 ++ 2 files changed, 11 insertions(+) -diff --git a/Tests/test_imagecolor.py b/Tests/test_imagecolor.py -index b5d69379655..dbe8b9e957b 100644 ---- a/Tests/test_imagecolor.py -+++ b/Tests/test_imagecolor.py -@@ -191,3 +191,12 @@ def test_rounding_errors(): - assert (255, 255) == ImageColor.getcolor("white", "LA") - assert (163, 33) == ImageColor.getcolor("rgba(0, 255, 115, 33)", "LA") - Image.new("LA", (1, 1), "white") -+ -+ -+def test_color_too_long(): -+ # Arrange -+ color_too_long = "hsl(" + "1" * 100 + ")" -+ -+ # Act / Assert -+ with pytest.raises(ValueError): -+ ImageColor.getrgb(color_too_long) diff --git a/src/PIL/ImageColor.py b/src/PIL/ImageColor.py index 51df4404039..25f92f2c732 100644 --- a/src/PIL/ImageColor.py |