package/python-pillow: security bump to version 8.3.2

- Fix CVE-2021-23437 Raise ValueError if color specifier is too long
- Fix 6-byte OOB read in FliDecode
- Update indentation in hash file (two spaces)

https://github.com/python-pillow/Pillow/releases/tag/8.3.2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit a7919e68a6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Fabrice Fontaine 2021-09-13 22:51:31 +02:00 committed by Peter Korsgaard
parent 26b12f53a9
commit 9744b1f030
2 changed files with 6 additions and 5 deletions

View File

@ -1,5 +1,6 @@
# md5, sha256 from https://pypi.org/pypi/pillow/json
md5 e42fc66e41b5309436a573af49cec47c Pillow-8.3.1.tar.gz
sha256 2cac53839bfc5cece8fdbe7f084d5e3ee61e1303cccc86511d351adcb9e2c792 Pillow-8.3.1.tar.gz
md5 a7fc550b80819eab11e01cc097913700 Pillow-8.3.2.tar.gz
sha256 dde3f3ed8d00c72631bc19cbfff8ad3b6215062a5eed402381ad365f82f0c18c Pillow-8.3.2.tar.gz
# Locally computed sha256 checksums
sha256 5bb11d96b393a698df70018069a986248021f286344c437a13f299c3daf1dfd4 LICENSE
sha256 5bb11d96b393a698df70018069a986248021f286344c437a13f299c3daf1dfd4 LICENSE

View File

@ -4,8 +4,8 @@
#
################################################################################
PYTHON_PILLOW_VERSION = 8.3.1
PYTHON_PILLOW_SITE = https://files.pythonhosted.org/packages/8f/7d/1e9c2d8989c209edfd10f878da1af956059a1caab498e5bc34fa11b83f71
PYTHON_PILLOW_VERSION = 8.3.2
PYTHON_PILLOW_SITE = https://files.pythonhosted.org/packages/90/d4/a7c9b6c5d176654aa3dbccbfd0be4fd3a263355dc24122a5f1937bdc2689
PYTHON_PILLOW_SOURCE = Pillow-$(PYTHON_PILLOW_VERSION).tar.gz
PYTHON_PILLOW_LICENSE = HPND
PYTHON_PILLOW_LICENSE_FILES = LICENSE