[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#47259: python-pillow-simd package vulnerable to at least CVE-2021-25
From: |
Léo Le Bouter |
Subject: |
bug#47259: python-pillow-simd package vulnerable to at least CVE-2021-25293 |
Date: |
Fri, 19 Mar 2021 11:37:09 +0100 |
User-agent: |
Evolution 3.34.2 |
Hello!
pillow-simd is a fork of pillow (
https://github.com/uploadcare/pillow-simd), it's currently still at
version 7.x and it does not seem like it backports security patches
from pillow.
$ ./pre-inst-env guix refresh -l python-pillow-simd
No dependents other than itself: python-pillow-simd@7.1.2
Do we remove it? Do we want to commit to backporting/applying all fixes
from python-pillow back in python-pillow-simd ourselves (I don't)?
Léo
signature.asc
Description: This is a digitally signed message part
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- bug#47259: python-pillow-simd package vulnerable to at least CVE-2021-25293,
Léo Le Bouter <=