dwww: tpablo.net

dwww Home | Show directory contents | Find package
pillow (9.0.1-1ubuntu0.3) jammy-security; urgency=medium

  * SECURITY UPDATE: Buffer overflow in imagingcms.c
    - debian/patches/CVE-2024-28219.patch: Use strncpy
    to avoid buffer overflow
    - CVE-2024-28219

 -- Nick Galanis <nick.galanis@canonical.com>  Mon, 15 Apr 2024 13:00:29 +0100

pillow (9.0.1-1ubuntu0.2) jammy-security; urgency=medium

  * SECURITY UPDATE: DoS in ImageFont via large textlength
    - debian/patches/CVE-2023-44271.patch: added a maximum string length in
      Tests/test_imagefont.py, docs/reference/ImageFont.rst,
      src/PIL/ImageFont.py.
    - CVE-2023-44271
  * SECURITY UPDATE: PIL.ImageMath.eval Arbitrary Code Execution
    - debian/patches/CVE-2023-50447-1.patch: don't allow __ or builtins in
      env dictionarys for ImageMath.eval in src/PIL/ImageMath.py.
    - debian/patches/CVE-2023-50447-2.patch: allow ops in
      Tests/test_imagemath.py, src/PIL/ImageMath.py.
    - debian/patches/CVE-2023-50447-3.patch: include further builtins in
      Tests/test_imagemath.py, src/PIL/ImageMath.py.
    - CVE-2023-50447

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 25 Jan 2024 10:10:10 -0500

pillow (9.0.1-1ubuntu0.1) jammy-security; urgency=medium

  * SECURITY UPDATE: gif decompression bomb issue
    - debian/patches/CVE-2022-45198.patch: Added GIF decompression bomb check
      in src/PIL/GifImagePlugin.py.
    - CVE-2022-45198

 -- Fabian Toepfer <fabian.toepfer@canonical.com>  Mon, 12 Dec 2022 20:51:28 +0100

pillow (9.0.1-1build1) jammy; urgency=medium

  * No-change rebuild with Python 3.10 only.

 -- Matthias Klose <doko@ubuntu.com>  Thu, 17 Mar 2022 18:50:53 +0100

pillow (9.0.1-1) unstable; urgency=medium

  * New upstream version.
  * Fix documentation build error with Python 3.10 (Heinrich Schuchardt).

 -- Matthias Klose <doko@debian.org>  Fri, 18 Feb 2022 01:07:13 +0100

pillow (9.0.0-1) unstable; urgency=medium

  * New upstream version.

 -- Matthias Klose <doko@debian.org>  Mon, 10 Jan 2022 10:52:08 +0100

pillow (8.4.0-1) unstable; urgency=medium

  * New upstream version.

 -- Matthias Klose <doko@debian.org>  Thu, 25 Nov 2021 13:17:45 +0100

pillow (8.3.2-1) unstable; urgency=medium

  * New upstream version.
  * Bump standards version.

 -- Matthias Klose <doko@debian.org>  Mon, 11 Oct 2021 15:35:03 +0200

pillow (8.2.0-1) experimental; urgency=medium

  * New upstream version.
  * Build-depend on libopenjp2-7-dev. Closes: #904478.

 -- Matthias Klose <doko@debian.org>  Thu, 15 Apr 2021 11:37:53 +0200

pillow (8.1.2+dfsg-1) unstable; urgency=medium

  * Stop building the python3-*-dbg packages. Closes: #994317.

 -- Matthias Klose <doko@debian.org>  Wed, 15 Sep 2021 14:16:02 +0200

# For older changelog entries, run 'apt-get changelog python-pil-doc'
Generated by dwww version 1.14 on Sun Jan 26 15:20:55 CET 2025.