From 91e1461a2844e7d82287b7b9b3212678bcf67408 Mon Sep 17 00:00:00 2001
From: Xu Huan <xuhuan.fnst@fujitsu.com>
Date: Wed, 2 Mar 2022 17:52:50 +0800
Subject: python3-pillow: upgrade 9.0.0 -> 9.0.1

changelog:

In show_file, use os.remove to remove temporary images. CVE-2022-24303
Restrict builtins within lambdas for ImageMath.eval. CVE-2022-22817

Signed-off-by: Xu Huan <xuhuan.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
---
 .../python/python3-pillow_9.0.0.bb                 | 40 ---------------------
 .../python/python3-pillow_9.0.1.bb                 | 42 ++++++++++++++++++++++
 2 files changed, 42 insertions(+), 40 deletions(-)
 delete mode 100644 meta-python/recipes-devtools/python/python3-pillow_9.0.0.bb
 create mode 100644 meta-python/recipes-devtools/python/python3-pillow_9.0.1.bb

(limited to 'meta-python/recipes-devtools/python')

diff --git a/meta-python/recipes-devtools/python/python3-pillow_9.0.0.bb b/meta-python/recipes-devtools/python/python3-pillow_9.0.0.bb
deleted file mode 100644
index 487e4b54c4..0000000000
--- a/meta-python/recipes-devtools/python/python3-pillow_9.0.0.bb
+++ /dev/null
@@ -1,40 +0,0 @@
-SUMMARY = "Python Imaging Library (Fork). Pillow is the friendly PIL fork by Alex \
-Clark and Contributors. PIL is the Python Imaging Library by Fredrik Lundh and \
-Contributors."
-HOMEPAGE = "https://pillow.readthedocs.io"
-LICENSE = "MIT"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=ad081a0aede51e89f8da13333a8fb849"
-
-SRC_URI = "git://github.com/python-pillow/Pillow.git;branch=9.0.x;protocol=https \
-           file://0001-support-cross-compiling.patch \
-           file://0001-explicitly-set-compile-options.patch \
-"
-SRCREV ?= "82541b6dec8452cb612067fcebba1c5a1a2bfdc8"
-
-inherit setuptools3
-
-PIP_INSTALL_PACKAGE = "Pillow"
-PIP_INSTALL_DIST_PATH = "${S}/dist"
-
-DEPENDS += " \
-    zlib \
-    jpeg \
-    tiff \
-    freetype \
-    lcms \
-    openjpeg \
-"
-
-RDEPENDS:${PN} += " \
-    ${PYTHON_PN}-misc \
-    ${PYTHON_PN}-logging \
-    ${PYTHON_PN}-numbers \
-"
-
-CVE_PRODUCT = "pillow"
-
-S = "${WORKDIR}/git"
-
-RPROVIDES:${PN} += "python3-imaging"
-
-BBCLASSEXTEND = "native"
diff --git a/meta-python/recipes-devtools/python/python3-pillow_9.0.1.bb b/meta-python/recipes-devtools/python/python3-pillow_9.0.1.bb
new file mode 100644
index 0000000000..fb86322f77
--- /dev/null
+++ b/meta-python/recipes-devtools/python/python3-pillow_9.0.1.bb
@@ -0,0 +1,42 @@
+SUMMARY = "Python Imaging Library (Fork). Pillow is the friendly PIL fork by Alex \
+Clark and Contributors. PIL is the Python Imaging Library by Fredrik Lundh and \
+Contributors."
+HOMEPAGE = "https://pillow.readthedocs.io"
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=ad081a0aede51e89f8da13333a8fb849"
+
+SRC_URI = "git://github.com/python-pillow/Pillow.git;branch=9.0.x;protocol=https \
+           file://0001-support-cross-compiling.patch \
+           file://0001-explicitly-set-compile-options.patch \
+"
+SRCREV ?= "82541b6dec8452cb612067fcebba1c5a1a2bfdc8"
+
+inherit setuptools3
+
+PIP_INSTALL_PACKAGE = "Pillow"
+PIP_INSTALL_DIST_PATH = "${S}/dist"
+
+DEPENDS += " \
+    zlib \
+    jpeg \
+    tiff \
+    freetype \
+    lcms \
+    openjpeg \
+"
+
+RDEPENDS:${PN} += " \
+    ${PYTHON_PN}-misc \
+    ${PYTHON_PN}-logging \
+    ${PYTHON_PN}-numbers \
+"
+
+CVE_PRODUCT = "pillow"
+
+S = "${WORKDIR}/git"
+
+RPROVIDES:${PN} += "python3-imaging"
+
+BBCLASSEXTEND = "native"
+
+SRCREV = "6deac9e3a23caffbfdd75c00d3f0a1cd36cdbd5d"
-- 
cgit v1.2.3-54-g00ecf