diff --git a/Pillow-8.1.1.tar.gz b/Pillow-8.1.2.tar.gz
similarity index 79%
rename from Pillow-8.1.1.tar.gz
rename to Pillow-8.1.2.tar.gz
index f202cbbe6a7ae6202968f10bd5eccf4b9d24dd21..31bde5e546ad935ebf9d6f1ed2cc56b4043312fd 100644
Binary files a/Pillow-8.1.1.tar.gz and b/Pillow-8.1.2.tar.gz differ
diff --git a/backport-CVE-2021-27921_CVE-2021-27922_CVE-2021-27923.patch b/backport-CVE-2021-27921_CVE-2021-27922_CVE-2021-27923.patch
deleted file mode 100644
index dc39e2a8a45125c5954ca502b4fb36f73973ee52..0000000000000000000000000000000000000000
--- a/backport-CVE-2021-27921_CVE-2021-27922_CVE-2021-27923.patch
+++ /dev/null
@@ -1,60 +0,0 @@
-From 480f6819b592d7f07b9a9a52a7656c10bbe07442 Mon Sep 17 00:00:00 2001
-From: Eric Soroos
-Date: Wed, 24 Feb 2021 23:27:07 +0100
-Subject: [PATCH] Fix Memory DOS in Icns, Ico and Blp Image Plugins
-
-Some container plugins that could contain images of other formats,
-such as the ICNS format, did not properly check the reported size of
-the contained image. These images could cause arbitrariliy large
-memory allocations.
-
-This is fixed for all locations where individual *ImageFile classes
-are created without going through the usual Image.open method.
----
-
- src/PIL/BlpImagePlugin.py | 1 +
- src/PIL/IcnsImagePlugin.py | 2 ++
- src/PIL/IcoImagePlugin.py | 1 +
- 3 files changed, 4 insertions(+)
-
-diff -Nuar Pillow-8.1.1-old/src/PIL/BlpImagePlugin.py Pillow-8.1.1/src/PIL/BlpImagePlugin.py
---- Pillow-8.1.1-old/src/PIL/BlpImagePlugin.py 2021-03-13 16:44:33.159000000 +0800
-+++ Pillow-8.1.1/src/PIL/BlpImagePlugin.py 2021-03-13 16:51:52.803000000 +0800
-@@ -353,6 +353,7 @@
- data = jpeg_header + data
- data = BytesIO(data)
- image = JpegImageFile(data)
-+ Image._decompression_bomb_check(image.size)
- self.tile = image.tile # :/
- self.fd = image.fp
- self.mode = image.mode
-diff -Nuar Pillow-8.1.1-old/src/PIL/IcnsImagePlugin.py Pillow-8.1.1/src/PIL/IcnsImagePlugin.py
---- Pillow-8.1.1-old/src/PIL/IcnsImagePlugin.py 2021-03-13 16:44:33.160000000 +0800
-+++ Pillow-8.1.1/src/PIL/IcnsImagePlugin.py 2021-03-13 16:54:10.925000000 +0800
-@@ -105,6 +105,7 @@
- if sig[:8] == b"\x89PNG\x0d\x0a\x1a\x0a":
- fobj.seek(start)
- im = PngImagePlugin.PngImageFile(fobj)
-+ Image._decompression_bomb_check(im.size)
- return {"RGBA": im}
- elif (
- sig[:4] == b"\xff\x4f\xff\x51"
-@@ -120,6 +121,7 @@
- fobj.seek(start)
- jp2kstream = fobj.read(length)
- f = io.BytesIO(jp2kstream)
-+ Image._decompression_bomb_check(im.size)
- im = Jpeg2KImagePlugin.Jpeg2KImageFile(f)
- if im.mode != "RGBA":
- im = im.convert("RGBA")
-diff -Nuar Pillow-8.1.1-old/src/PIL/IcoImagePlugin.py Pillow-8.1.1/src/PIL/IcoImagePlugin.py
---- Pillow-8.1.1-old/src/PIL/IcoImagePlugin.py 2021-03-13 16:44:33.160000000 +0800
-+++ Pillow-8.1.1/src/PIL/IcoImagePlugin.py 2021-03-13 16:55:31.306000000 +0800
-@@ -178,6 +178,7 @@
- if data[:8] == PngImagePlugin._MAGIC:
- # png frame
- im = PngImagePlugin.PngImageFile(self.buf)
-+ Image._decompression_bomb_check(im.size)
- else:
- # XOR + AND mask bmp frame
- im = BmpImagePlugin.DibImageFile(self.buf)
diff --git a/python-pillow.spec b/python-pillow.spec
index 7b04f0d8c34614685e53ca3a516842a8cd5eeddb..4a38e40b579815fa08ad2d28f5bdcfeb2addcf15 100644
--- a/python-pillow.spec
+++ b/python-pillow.spec
@@ -4,8 +4,8 @@ %global with_docs 0 Name: python-pillow -Version: 8.1.1 -Release: 6 +Version: 8.1.2 +Release: 1 Summary: Python image processing library License: MIT URL: http://python-pillow.github.io/
@@ -14,21 +14,20 @@ Source0: https://github.com/python-pillow/Pillow/archive/%{version}/Pillo Patch0: python-pillow_spinxwarn.patch Patch1: python-pillow_sphinx-issues.patch -Patch6000: backport-CVE-2021-27921_CVE-2021-27922_CVE-2021-27923.patch -Patch6001: backport-Fix-Wformat-error-in-TiffDecode.patch -Patch6002: backport-Updated-format-specifiers.patch -Patch6003: backport-CVE-2021-25287-CVE-2021-25288.patch -Patch6004: backport-CVE-2021-28675.patch -Patch6005: backport-CVE-2021-28676.patch -Patch6006: backport-CVE-2021-28677.patch -Patch6007: backport-CVE-2021-28678.patch -Patch6008: backport-Fixed-linear_gradient-and-radial_gradient-32-bit-mod.patch -Patch6009: backport-fixes-crash-74d2.patch -Patch6010: backport-fix-for-crash-8115.patch -Patch6011: backport-Fix-Memory-DOS-in-ImageFont.patch -Patch6012: backport-0001-CVE-2021-34552.patch -Patch6013: backport-0002-CVE-2021-34552.patch -Patch6014: backport-Updated-default-value-for-SAMPLESPERPIXEL-tag.patch +Patch6000: backport-Fix-Wformat-error-in-TiffDecode.patch +Patch6001: backport-Updated-format-specifiers.patch +Patch6002: backport-CVE-2021-25287-CVE-2021-25288.patch +Patch6003: backport-CVE-2021-28675.patch +Patch6004: backport-CVE-2021-28676.patch +Patch6005: backport-CVE-2021-28677.patch +Patch6006: backport-CVE-2021-28678.patch +Patch6007: backport-Fixed-linear_gradient-and-radial_gradient-32-bit-mod.patch +Patch6008: backport-fixes-crash-74d2.patch +Patch6009: backport-fix-for-crash-8115.patch +Patch6010: backport-Fix-Memory-DOS-in-ImageFont.patch +Patch6011: backport-0001-CVE-2021-34552.patch +Patch6012: backport-0002-CVE-2021-34552.patch +Patch6013: backport-Updated-default-value-for-SAMPLESPERPIXEL-tag.patch BuildRequires: freetype-devel ghostscript lcms2-devel libimagequant-devel libjpeg-devel libraqm-devel libtiff-devel BuildRequires: libwebp-devel openjpeg2-devel tk-devel zlib-devel python3-cffi python3-devel python3-numpy python3-olefile 
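Review bot: Dropping `Patch6000` and renumbering the fourteen remaining entries buries the one security-relevant change in this hunk, the removal of the CVE-2021-27921/27922/27923 backport, under unrelated line changes. rpm does not require patch numbers to be contiguous, so the existing numbers could stay and the hunk would shrink to the single removed line `-Patch6000: backport-CVE-2021-27921_CVE-2021-27922_CVE-2021-27923.patch`. If `%prep` (outside this hunk) applies patches by number, keeping the numbers also avoids having to touch it. Because the new tarball is binary in this diff, it is worth confirming that the 8.1.2 sources contain the `Image._decompression_bomb_check(...)` calls in the Blp, Icns and Ico plugins before the backport is removed.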
@@ -42,7 +41,7 @@ BuildRequires: python3-sphinx-removed-in Requires: ghostscript %global __provides_exclude_from ^%{python3_sitearch}/PIL/.*\\.so$ - + %description Pillow is the friendly PIL fork by Alex Clark and Contributors. PIL is the Python Imaging \ Library by Fredrik Lundh and Contributors. As of 2019, Pillow development is supported by Tidelift. @@ -160,6 +159,9 @@ popd %{python3_sitearch}/PIL/__pycache__/ImageQt* %changelog +* Wed Jul 14 2021 OpenStack_SIG - 8.1.2-1 +- Update to 8.1.2 + * Thu Jul 15 2021 liuyumeng - 8.1.1-6 - Type:bugfix - CVE:CVE-2021-34552
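Review bot: In the last hunk (`@@ -160,6 +159,9 @@`) the new `%changelog` entry is dated `Wed Jul 14 2021` but is placed above the existing `Thu Jul 15 2021` entry, so the changelog is no longer in descending date order; rpm checks that ordering when it parses the spec, and the entry should carry the actual date of this update. The entry also says only `- Update to 8.1.2` and does not record that the CVE backport was dropped, which makes the CVE status harder to audit from the package metadata. Assuming the fix is confirmed in the 8.1.2 sources, a second line such as `- Drop backport-CVE-2021-27921_CVE-2021-27922_CVE-2021-27923.patch, included in 8.1.2` would keep it traceable.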