Compare commits
No commits in common. "c8" and "c8-beta" have entirely different histories.
@ -1,38 +0,0 @@
|
|||||||
From 2d30e67ec0b77993de62f975aae29266d8d1f784 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Lumir Balhar <lbalhar@redhat.com>
|
|
||||||
Date: Thu, 4 Apr 2024 13:01:56 +0200
|
|
||||||
Subject: [PATCH] CVE-2024-28219
|
|
||||||
|
|
||||||
---
|
|
||||||
src/_imagingcms.c | 8 ++++----
|
|
||||||
1 file changed, 4 insertions(+), 4 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/_imagingcms.c b/src/_imagingcms.c
|
|
||||||
index 5e4196c..4169e28 100644
|
|
||||||
--- a/src/_imagingcms.c
|
|
||||||
+++ b/src/_imagingcms.c
|
|
||||||
@@ -212,8 +212,8 @@ cms_transform_new(cmsHTRANSFORM transform, char* mode_in, char* mode_out)
|
|
||||||
|
|
||||||
self->transform = transform;
|
|
||||||
|
|
||||||
- strcpy(self->mode_in, mode_in);
|
|
||||||
- strcpy(self->mode_out, mode_out);
|
|
||||||
+ strncpy(self->mode_in, mode_in, 8);
|
|
||||||
+ strncpy(self->mode_out, mode_out, 8);
|
|
||||||
|
|
||||||
return (PyObject*) self;
|
|
||||||
}
|
|
||||||
@@ -286,8 +286,8 @@ findLCMStype(char* PILmode)
|
|
||||||
}
|
|
||||||
|
|
||||||
else {
|
|
||||||
- /* take a wild guess... but you probably should fail instead. */
|
|
||||||
- return TYPE_GRAY_8; /* so there's no buffer overrun... */
|
|
||||||
+ /* take a wild guess... */
|
|
||||||
+ return TYPE_GRAY_8;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
--
|
|
||||||
2.44.0
|
|
||||||
|
|
||||||
@ -8,7 +8,7 @@
|
|||||||
|
|
||||||
Name: python-%{srcname}
|
Name: python-%{srcname}
|
||||||
Version: 5.1.1
|
Version: 5.1.1
|
||||||
Release: 21%{?dist}
|
Release: 20%{?dist}
|
||||||
Summary: Python image processing library
|
Summary: Python image processing library
|
||||||
|
|
||||||
# License: see http://www.pythonware.com/products/pil/license.htm
|
# License: see http://www.pythonware.com/products/pil/license.htm
|
||||||
@ -121,10 +121,6 @@ Patch21: CVE-2023-44271.patch
|
|||||||
# Upstream fix: https://github.com/python-pillow/Pillow/commit/02c6183d41c68a8dd080f5739f566bd82485822d
|
# Upstream fix: https://github.com/python-pillow/Pillow/commit/02c6183d41c68a8dd080f5739f566bd82485822d
|
||||||
# Patch rebased and tests converted from pytest to unittests.
|
# Patch rebased and tests converted from pytest to unittests.
|
||||||
Patch22: CVE-2023-50447.patch
|
Patch22: CVE-2023-50447.patch
|
||||||
# CVE-2024-28219 python-pillow: buffer overflow in _imagingcms.c
|
|
||||||
# Upstream fix: https://github.com/python-pillow/Pillow/pull/7928
|
|
||||||
# Patch rebased. The test requires a binary file and therefore isn't backported.
|
|
||||||
Patch23: CVE-2024-28219.patch
|
|
||||||
|
|
||||||
BuildRequires: freetype-devel
|
BuildRequires: freetype-devel
|
||||||
BuildRequires: gcc
|
BuildRequires: gcc
|
||||||
@ -269,10 +265,6 @@ popd
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Thu Apr 04 2024 Lumír Balhar <lbalhar@redhat.com> - 5.1.1-21
|
|
||||||
- Security fix for CVE-2024-28219
|
|
||||||
Resolves: RHEL-31071
|
|
||||||
|
|
||||||
* Thu Jan 25 2024 Lumír Balhar <lbalhar@redhat.com> - 5.1.1-20
|
* Thu Jan 25 2024 Lumír Balhar <lbalhar@redhat.com> - 5.1.1-20
|
||||||
- Security fix for CVE-2023-50447
|
- Security fix for CVE-2023-50447
|
||||||
Resolves: RHEL-22240
|
Resolves: RHEL-22240
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user