From the 8.10. changelog: * Fix TIFF OOB Write error. CVE-2020-35654 #5175 [wiredfool] * Fix for Read Overflow in PCX Decoding. CVE-2020-35653 #5174 [wiredfool, radarhere] * Fix for SGI Decode buffer overrun. CVE-2020-35655 #5173 [wiredfool, radarhere] * Fix OOB Read when saving GIF of xsize=1 #5149 [wiredfool] * Fix OOB Read when writing TIFF with custom Metadata #5148 [wiredfool] * Fixed dereferencing potential null pointers #5108, #5111 [cgohlke, radarhere]
Do you remember the times when we could wait 30 days before stabilizing stuff? ;-)
amd64 done
arm64 done
sparc stable
x86 done
ppc done
arm done
Looking good on ppc64. 3 tests fail, which is an improvement over 7.0.0 (bug #706570). # cat pillow-763210.report USE tests started on So 10. Jan 23:14:49 CET 2021 FEATURES=' test' failed for =dev-python/pillow-8.1.0 revdep tests started on Mo 11. Jan 00:53:52 CET 2021 FEATURES=' test' USE='-minimal python_single_target_python3_8 scanner' succeeded for net-print/hplip FEATURES=' test' USE='' succeeded for dev-python/sphinx-gallery FEATURES=' test' USE='' succeeded for dev-python/scipy FEATURES=' test' USE='python_single_target_python3_8 scripts' succeeded for app-office/scribus FEATURES=' test' USE='' succeeded for dev-python/matplotlib FEATURES=' test' USE='' succeeded for dev-python/reportlab
This issue was resolved and addressed in GLSA 202101-08 at https://security.gentoo.org/glsa/202101-08 by GLSA coordinator Sam James (sam_c).
Reopening for ppc64.
ppc64 done all arches done
(In reply to ernsteiswuerfel from comment #8) > Looking good on ppc64. > > 3 tests fail, which is an improvement over 7.0.0 (bug #706570). > Thank you! (And thank you for comparing, it helps in situations like this!) @maintainers, please cleanup.
(In reply to Michał Górny from comment #1) > Do you remember the times when we could wait 30 days before stabilizing > stuff? ;-) I try to make that hard to do!
