Hello community, here is the log from the commit of package python3-Pillow for openSUSE:Factory checked in at 2016-02-08 09:48:04 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python3-Pillow (Old) and /work/SRC/openSUSE:Factory/.python3-Pillow.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "python3-Pillow" Changes: -------- --- /work/SRC/openSUSE:Factory/python3-Pillow/python3-Pillow.changes 2016-01-13 22:46:12.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.python3-Pillow.new/python3-Pillow.changes 2016-02-08 09:48:30.000000000 +0100 @@ -1,0 +2,14 @@ +Sat Feb 6 04:02:55 UTC 2016 - arun@gmx.de + +- update to version 3.1.1: + * Fixed an integer overflow in Resample.c causing writes in the + Python heap. [nedwill] + * Fixed a buffer overflow in PcdDecode.c causing a segfault when + opening PhotoCD files. CVE-2016-TBD [wiredfool] + * Fixed a buffer overflow in FliDecode.c causing a segfault when + opening FLI files. CVE-2016-0775 [wiredfool] + * Fixed a buffer overflow in TiffDecode.c causing an arbitrary + amount of memory to be overwritten when opening a specially + crafted invalid TIFF file. CVE-2016-0740 [wiredfool] + +------------------------------------------------------------------- Old: ---- Pillow-3.1.0.tar.gz New: ---- Pillow-3.1.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python3-Pillow.spec ++++++ --- /var/tmp/diff_new_pack.knhzHy/_old 2016-02-08 09:48:31.000000000 +0100 +++ /var/tmp/diff_new_pack.knhzHy/_new 2016-02-08 09:48:31.000000000 +0100 @@ -17,7 +17,7 @@ Name: python3-Pillow -Version: 3.1.0 +Version: 3.1.1 Release: 0 Summary: Python Imaging Library (Fork) License: HPND ++++++ Pillow-3.1.0.tar.gz -> Pillow-3.1.1.tar.gz ++++++ /work/SRC/openSUSE:Factory/python3-Pillow/Pillow-3.1.0.tar.gz /work/SRC/openSUSE:Factory/.python3-Pillow.new/Pillow-3.1.1.tar.gz differ: char 5, line 1