From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
To: buildroot@buildroot.org
Cc: Angelo Compagnucci <angelo.compagnucci@gmail.com>,
Fabrice Fontaine <fontaine.fabrice@gmail.com>,
Asaf Kahlon <asafka7@gmail.com>
Subject: [Buildroot] [PATCH 1/1] package/python-pillow: security bump to version 9.1.1
Date: Mon, 13 Jun 2022 23:14:19 +0200 [thread overview]
Message-ID: <20220613211419.296864-1-fontaine.fabrice@gmail.com> (raw)
This release addresses several security problems including
CVE-2022-30595.
https://github.com/python-pillow/Pillow/releases/tag/9.1.1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
package/python-pillow/python-pillow.hash | 4 ++--
package/python-pillow/python-pillow.mk | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/package/python-pillow/python-pillow.hash b/package/python-pillow/python-pillow.hash
index 2e259c1caf..ff23ed6299 100644
--- a/package/python-pillow/python-pillow.hash
+++ b/package/python-pillow/python-pillow.hash
@@ -1,6 +1,6 @@
# md5, sha256 from https://pypi.org/pypi/pillow/json
-md5 a9ebd39b3482993474872757d317e26f Pillow-9.1.0.tar.gz
-sha256 f401ed2bbb155e1ade150ccc63db1a4f6c1909d3d378f7d1235a44e90d75fb97 Pillow-9.1.0.tar.gz
+md5 f0d347298e72b403fbc3198677f394bb Pillow-9.1.1.tar.gz
+sha256 7502539939b53d7565f3d11d87c78e7ec900d3c72945d4ee0e2f250d598309a0 Pillow-9.1.1.tar.gz
# Locally computed sha256 checksums
sha256 a6554cb737ba6c9b47d3301f78de03b4ed0d3f08d6cf9400714f3d4c894f6943 LICENSE
diff --git a/package/python-pillow/python-pillow.mk b/package/python-pillow/python-pillow.mk
index 2abe5e04ef..8c9cb86863 100644
--- a/package/python-pillow/python-pillow.mk
+++ b/package/python-pillow/python-pillow.mk
@@ -4,8 +4,8 @@
#
################################################################################
-PYTHON_PILLOW_VERSION = 9.1.0
-PYTHON_PILLOW_SITE = https://files.pythonhosted.org/packages/4b/83/090146d7871d90a2643d469c319c1d014e41b315ab5cf0f8b4b6a764ef31
+PYTHON_PILLOW_VERSION = 9.1.1
+PYTHON_PILLOW_SITE = https://files.pythonhosted.org/packages/43/6e/59853546226ee6200f9ba6e574d11604b60ad0754d2cbd1c8f3246b70418
PYTHON_PILLOW_SOURCE = Pillow-$(PYTHON_PILLOW_VERSION).tar.gz
PYTHON_PILLOW_LICENSE = HPND
PYTHON_PILLOW_LICENSE_FILES = LICENSE
--
2.35.1
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
next reply other threads:[~2022-06-13 21:17 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-13 21:14 Fabrice Fontaine [this message]
2022-07-16 15:41 ` [Buildroot] [PATCH 1/1] package/python-pillow: security bump to version 9.1.1 Yann E. MORIN
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220613211419.296864-1-fontaine.fabrice@gmail.com \
--to=fontaine.fabrice@gmail.com \
--cc=angelo.compagnucci@gmail.com \
--cc=asafka7@gmail.com \
--cc=buildroot@buildroot.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.