summaryrefslogtreecommitdiffstats
path: root/meta-python/recipes-devtools/python/python-imaging_1.1.7.bb
diff options
context:
space:
mode:
authormingli.yu@windriver.com <mingli.yu@windriver.com>2016-07-20 14:00:07 +0800
committerMartin Jansa <Martin.Jansa@gmail.com>2016-07-29 11:00:59 +0200
commitb142ab5a0b4d5f88c658aeac1ee1c2752d72891f (patch)
treeb02d4e82416a339f67e6d57c543fb4c2859ab5f6 /meta-python/recipes-devtools/python/python-imaging_1.1.7.bb
parent639864337308268996c648d1fc607f54554f59e6 (diff)
downloadmeta-openembedded-b142ab5a0b4d5f88c658aeac1ee1c2752d72891f.tar.gz
python-imaging: Fix CVE-2016-2533
* PCD decoder overruns the shuffle buffer, Fixes #568 the patch comes from: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2533 https://github.com/python-pillow/Pillow/commit/ae453aa18b66af54e7ff716f4ccb33adca60afd4#diff-8ff6909c159597e22288ad818938fd6b Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Diffstat (limited to 'meta-python/recipes-devtools/python/python-imaging_1.1.7.bb')
-rw-r--r--meta-python/recipes-devtools/python/python-imaging_1.1.7.bb4
1 files changed, 3 insertions, 1 deletions
diff --git a/meta-python/recipes-devtools/python/python-imaging_1.1.7.bb b/meta-python/recipes-devtools/python/python-imaging_1.1.7.bb
index d2f1a8c0b..60dd7d0a3 100644
--- a/meta-python/recipes-devtools/python/python-imaging_1.1.7.bb
+++ b/meta-python/recipes-devtools/python/python-imaging_1.1.7.bb
@@ -10,7 +10,9 @@ SRC_URI = "http://effbot.org/downloads/Imaging-${PV}.tar.gz \
10 file://0001-python-imaging-setup.py-force-paths-for-zlib-freetyp.patch \ 10 file://0001-python-imaging-setup.py-force-paths-for-zlib-freetyp.patch \
11 file://allow.to.disable.some.features.patch \ 11 file://allow.to.disable.some.features.patch \
12 file://fix-freetype-includes.patch \ 12 file://fix-freetype-includes.patch \
13 file://remove-host-libdir.patch" 13 file://remove-host-libdir.patch \
14 file://python-imaging-CVE-2016-2533.patch \
15"
14 16
15SRC_URI[md5sum] = "fc14a54e1ce02a0225be8854bfba478e" 17SRC_URI[md5sum] = "fc14a54e1ce02a0225be8854bfba478e"
16SRC_URI[sha256sum] = "895bc7c2498c8e1f9b99938f1a40dc86b3f149741f105cf7c7bd2e0725405211" 18SRC_URI[sha256sum] = "895bc7c2498c8e1f9b99938f1a40dc86b3f149741f105cf7c7bd2e0725405211"