From the 8.10. changelog:
* Fix TIFF OOB Write error. CVE-2020-35654 #5175 [wiredfool]
* Fix for Read Overflow in PCX Decoding. CVE-2020-35653 #5174 [wiredfool, radarhere]
* Fix for SGI Decode buffer overrun. CVE-2020-35655 #5173 [wiredfool, radarhere]
* Fix OOB Read when saving GIF of xsize=1 #5149 [wiredfool]
* Fix OOB Read when writing TIFF with custom Metadata #5148 [wiredfool]
* Fixed dereferencing potential null pointers #5108, #5111 [cgohlke, radarhere]
Do you remember the times when we could wait 30 days before stabilizing stuff? ;-)
Looking good on ppc64.
3 tests fail, which is an improvement over 7.0.0 (bug #706570).
# cat pillow-763210.report
USE tests started on So 10. Jan 23:14:49 CET 2021
FEATURES=' test' failed for =dev-python/pillow-8.1.0
revdep tests started on Mo 11. Jan 00:53:52 CET 2021
FEATURES=' test' USE='-minimal python_single_target_python3_8 scanner' succeeded for net-print/hplip
FEATURES=' test' USE='' succeeded for dev-python/sphinx-gallery
FEATURES=' test' USE='' succeeded for dev-python/scipy
FEATURES=' test' USE='python_single_target_python3_8 scripts' succeeded for app-office/scribus
FEATURES=' test' USE='' succeeded for dev-python/matplotlib
FEATURES=' test' USE='' succeeded for dev-python/reportlab
This issue was resolved and addressed in
GLSA 202101-08 at https://security.gentoo.org/glsa/202101-08
by GLSA coordinator Sam James (sam_c).
Reopening for ppc64.
all arches done
(In reply to ernsteiswuerfel from comment #8)
> Looking good on ppc64.
> 3 tests fail, which is an improvement over 7.0.0 (bug #706570).
Thank you! (And thank you for comparing, it helps in situations like this!)
@maintainers, please cleanup.
(In reply to Michał Górny from comment #1)
> Do you remember the times when we could wait 30 days before stabilizing
> stuff? ;-)
I try to make that hard to do!