[bug#61172] [Nicolas Graves via Guix-patches via] [bug#61172] [PATCH] gn

guix-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#61172] [Nicolas Graves via Guix-patches via] [bug#61172] [PATCH] gn

From:	Lars-Dominik Braun
Subject:	[bug#61172] [Nicolas Graves via Guix-patches via] [bug#61172] [PATCH] gnu: python-pillow: Update to 9.3.0 [fixes CVE-2022-45199].
Date:	Sun, 12 Feb 2023 09:31:45 +0100

Hi,

> Unless something has changed recently (possible, I haven't paid close 
> attention), yes, it's possible to graft Python packages.
that was my feeling too. Attached is a patch that only applies the CVE
fix. I’m not comfortable bumping Pillow to 9.3 just like that. We
should re-build packages, so they can run their test-suites.

> Additionally, we can attempt a rapid rebuilding of pillow's dependents, 
> perhaps along with a few other "ungrafting" changes. We are aiming to do the 
> graft->ungraft cycles more quickly than previously.
Do we have a branch for that already?

Lars

0001-gnu-python-pillow-Fix-CVE-2022-45199.patch
Description: Text document

[Prev in Thread]

Current Thread

[Next in Thread]

[bug#61172] [Nicolas Graves via Guix-patches via] [bug#61172] [PATCH] gnu: python-pillow: Update to 9.3.0 [fixes CVE-2022-45199]., Lars-Dominik Braun, 2023/02/04
- [bug#61172] [Nicolas Graves via Guix-patches via] [bug#61172] [PATCH] gnu: python-pillow: Update to 9.3.0 [fixes CVE-2022-45199]., Leo Famulari, 2023/02/05
  - [bug#61172] [Nicolas Graves via Guix-patches via] [bug#61172] [PATCH] gnu: python-pillow: Update to 9.3.0 [fixes CVE-2022-45199]., Lars-Dominik Braun <=

Prev by Date: [bug#61434] [PATCH] gnu: Add emacs-pasp-mode.
Next by Date: [bug#61451] [PATCH] gnu: php: Drop the failed test for riscv64.
Previous by thread: [bug#61172] [Nicolas Graves via Guix-patches via] [bug#61172] [PATCH] gnu: python-pillow: Update to 9.3.0 [fixes CVE-2022-45199].
Next by thread: [bug#61276] [PATCH] gnu: WebKit: Update to 2.38.4.
Index(es):
- Date
- Thread