* [Buildroot] [PATCH] package/python-pillow: bump to version 9.0.1
@ 2022-02-22 11:33 Angelo Compagnucci
2022-03-12 17:07 ` Arnout Vandecappelle
2022-03-19 19:11 ` Peter Korsgaard
0 siblings, 2 replies; 4+ messages in thread
From: Angelo Compagnucci @ 2022-02-22 11:33 UTC (permalink / raw)
To: buildroot; +Cc: Angelo Compagnucci
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
---
package/python-pillow/python-pillow.hash | 4 ++--
package/python-pillow/python-pillow.mk | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/package/python-pillow/python-pillow.hash b/package/python-pillow/python-pillow.hash
index f3ca8e6014..88a5d7cada 100644
--- a/package/python-pillow/python-pillow.hash
+++ b/package/python-pillow/python-pillow.hash
@@ -1,6 +1,6 @@
# md5, sha256 from https://pypi.org/pypi/pillow/json
-md5 c5af6e413d2fe9247cf16ce25c816b14 Pillow-9.0.0.tar.gz
-sha256 ee6e2963e92762923956fe5d3479b1fdc3b76c83f290aad131a2f98c3df0593e Pillow-9.0.0.tar.gz
+md5 8deffccb4f402df154fd2fd504d8487c Pillow-9.0.1.tar.gz
+sha256 6c8bc8238a7dfdaf7a75f5ec5a663f4173f8c367e5a39f87e720495e1eed75fa Pillow-9.0.1.tar.gz
# Locally computed sha256 checksums
sha256 a6554cb737ba6c9b47d3301f78de03b4ed0d3f08d6cf9400714f3d4c894f6943 LICENSE
diff --git a/package/python-pillow/python-pillow.mk b/package/python-pillow/python-pillow.mk
index 2f2e817882..901876e0ee 100644
--- a/package/python-pillow/python-pillow.mk
+++ b/package/python-pillow/python-pillow.mk
@@ -4,8 +4,8 @@
#
################################################################################
-PYTHON_PILLOW_VERSION = 9.0.0
-PYTHON_PILLOW_SITE = https://files.pythonhosted.org/packages/b0/43/3e286c93b9fa20e233d53532cc419b5aad8a468d91065dbef4c846058834
+PYTHON_PILLOW_VERSION = 9.0.1
+PYTHON_PILLOW_SITE = https://files.pythonhosted.org/packages/03/a3/f61a9a7ff7969cdef2a6e0383a346eb327495d20d25a2de5a088dbb543a6
PYTHON_PILLOW_SOURCE = Pillow-$(PYTHON_PILLOW_VERSION).tar.gz
PYTHON_PILLOW_LICENSE = HPND
PYTHON_PILLOW_LICENSE_FILES = LICENSE
--
2.25.1
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [Buildroot] [PATCH] package/python-pillow: bump to version 9.0.1
2022-02-22 11:33 [Buildroot] [PATCH] package/python-pillow: bump to version 9.0.1 Angelo Compagnucci
@ 2022-03-12 17:07 ` Arnout Vandecappelle
2022-03-19 19:11 ` Peter Korsgaard
1 sibling, 0 replies; 4+ messages in thread
From: Arnout Vandecappelle @ 2022-03-12 17:07 UTC (permalink / raw)
To: Angelo Compagnucci, buildroot
On 22/02/2022 12:33, Angelo Compagnucci wrote:
> Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Applied to master, thanks.
Regards,
Arnout
> ---
> package/python-pillow/python-pillow.hash | 4 ++--
> package/python-pillow/python-pillow.mk | 4 ++--
> 2 files changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/package/python-pillow/python-pillow.hash b/package/python-pillow/python-pillow.hash
> index f3ca8e6014..88a5d7cada 100644
> --- a/package/python-pillow/python-pillow.hash
> +++ b/package/python-pillow/python-pillow.hash
> @@ -1,6 +1,6 @@
> # md5, sha256 from https://pypi.org/pypi/pillow/json
> -md5 c5af6e413d2fe9247cf16ce25c816b14 Pillow-9.0.0.tar.gz
> -sha256 ee6e2963e92762923956fe5d3479b1fdc3b76c83f290aad131a2f98c3df0593e Pillow-9.0.0.tar.gz
> +md5 8deffccb4f402df154fd2fd504d8487c Pillow-9.0.1.tar.gz
> +sha256 6c8bc8238a7dfdaf7a75f5ec5a663f4173f8c367e5a39f87e720495e1eed75fa Pillow-9.0.1.tar.gz
>
> # Locally computed sha256 checksums
> sha256 a6554cb737ba6c9b47d3301f78de03b4ed0d3f08d6cf9400714f3d4c894f6943 LICENSE
> diff --git a/package/python-pillow/python-pillow.mk b/package/python-pillow/python-pillow.mk
> index 2f2e817882..901876e0ee 100644
> --- a/package/python-pillow/python-pillow.mk
> +++ b/package/python-pillow/python-pillow.mk
> @@ -4,8 +4,8 @@
> #
> ################################################################################
>
> -PYTHON_PILLOW_VERSION = 9.0.0
> -PYTHON_PILLOW_SITE = https://files.pythonhosted.org/packages/b0/43/3e286c93b9fa20e233d53532cc419b5aad8a468d91065dbef4c846058834
> +PYTHON_PILLOW_VERSION = 9.0.1
> +PYTHON_PILLOW_SITE = https://files.pythonhosted.org/packages/03/a3/f61a9a7ff7969cdef2a6e0383a346eb327495d20d25a2de5a088dbb543a6
> PYTHON_PILLOW_SOURCE = Pillow-$(PYTHON_PILLOW_VERSION).tar.gz
> PYTHON_PILLOW_LICENSE = HPND
> PYTHON_PILLOW_LICENSE_FILES = LICENSE
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Buildroot] [PATCH] package/python-pillow: bump to version 9.0.1
2022-02-22 11:33 [Buildroot] [PATCH] package/python-pillow: bump to version 9.0.1 Angelo Compagnucci
2022-03-12 17:07 ` Arnout Vandecappelle
@ 2022-03-19 19:11 ` Peter Korsgaard
2022-03-19 23:47 ` James Hilliard
1 sibling, 1 reply; 4+ messages in thread
From: Peter Korsgaard @ 2022-03-19 19:11 UTC (permalink / raw)
To: Angelo Compagnucci; +Cc: buildroot
>>>>> "Angelo" == Angelo Compagnucci <angelo@amarulasolutions.com> writes:
> Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Looking at the changelog, 9.0.1 seems to be a security fix release
fixing two CVEs:
https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst
Please mark such version bumps as security related so I don't miss them.
Committed with that fixed to 2022.02.x, thanks.
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Buildroot] [PATCH] package/python-pillow: bump to version 9.0.1
2022-03-19 19:11 ` Peter Korsgaard
@ 2022-03-19 23:47 ` James Hilliard
0 siblings, 0 replies; 4+ messages in thread
From: James Hilliard @ 2022-03-19 23:47 UTC (permalink / raw)
To: Peter Korsgaard; +Cc: buildroot, Angelo Compagnucci
On Sat, Mar 19, 2022 at 1:11 PM Peter Korsgaard <peter@korsgaard.com> wrote:
>
> >>>>> "Angelo" == Angelo Compagnucci <angelo@amarulasolutions.com> writes:
>
> > Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
>
> Looking at the changelog, 9.0.1 seems to be a security fix release
> fixing two CVEs:
>
> https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst
>
> Please mark such version bumps as security related so I don't miss them.
>
> Committed with that fixed to 2022.02.x, thanks.
FYI there might be a regression, 9.0.1 is broken on master at least,
this should fix it:
https://patchwork.ozlabs.org/project/buildroot/patch/20220316060219.3448648-1-james.hilliard1@gmail.com/
>
> --
> Bye, Peter Korsgaard
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2022-03-19 23:47 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-02-22 11:33 [Buildroot] [PATCH] package/python-pillow: bump to version 9.0.1 Angelo Compagnucci
2022-03-12 17:07 ` Arnout Vandecappelle
2022-03-19 19:11 ` Peter Korsgaard
2022-03-19 23:47 ` James Hilliard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.