user/py3-pillow: [CVE] Update to 9.1.1

Release 6 was not compatible with Python 3.10 and causing segfaults. Fixes: #612
author: A. Wilcox <AWilcox@Wilcox-Tech.com> 2022-06-01 02:06:00 -0500
committer: Zach van Rijn <me@zv.io> 2022-10-21 18:34:01 -0500
commit: 4ee2953d7dcce67e2d4cd6eccbbe91d1e28c7ece (patch)
tree: 1b44155991b271840c6376ef16a5d8733723c212 /user/py3-pillow/APKBUILD
parent: 456764eb6b1c59869e58733565e846dff42e55bf (diff)
download: packages-4ee2953d7dcce67e2d4cd6eccbbe91d1e28c7ece.tar.gz
packages-4ee2953d7dcce67e2d4cd6eccbbe91d1e28c7ece.tar.bz2
packages-4ee2953d7dcce67e2d4cd6eccbbe91d1e28c7ece.tar.xz
packages-4ee2953d7dcce67e2d4cd6eccbbe91d1e28c7ece.zip
1 files changed, 33 insertions, 3 deletions
diff --git a/user/py3-pillow/APKBUILD b/user/py3-pillow/APKBUILD
index bb4878256..aed901aae 100644
--- a/user/py3-pillow/APKBUILD
+++ b/user/py3-pillow/APKBUILD
@@ -4,13 +4,13 @@ pkgname=py3-pillow
 _pkgname=Pillow
 _p="${_pkgname#?}"
 _p="${_pkgname%"$_p"}"
-pkgver=6.2.2
+pkgver=9.1.1
 pkgrel=0
 pkgdesc="A Python Imaging Library"
 url="https://pypi.org/project/Pillow"
 arch="all"
 # Certified net clean
-license="Custom"
+license="HPND"
 depends="py3-olefile python3"
 makedepends="python3-dev freetype-dev libjpeg-turbo-dev libwebp-dev
 	tiff-dev libpng-dev lcms2-dev openjpeg-dev zlib-dev"
@@ -21,6 +21,36 @@ source="$pkgname-$pkgver.tar.gz::https://files.pythonhosted.org/packages/source/
 builddir="$srcdir/$_pkgname-$pkgver"
 
 # secfixes: pillow
+#   9.1.1-r0:
+#     - CVE-2020-10177
+#     - CVE-2020-10378
+#     - CVE-2020-10379
+#     - CVE-2020-10994
+#     - CVE-2020-11538
+#     - CVE-2020-35653
+#     - CVE-2020-35654
+#     - CVE-2020-35655
+#     - CVE-2021-23437
+#     - CVE-2021-25287
+#     - CVE-2021-25288
+#     - CVE-2021-25289
+#     - CVE-2021-25290
+#     - CVE-2021-25291
+#     - CVE-2021-25292
+#     - CVE-2021-25293
+#     - CVE-2021-27921
+#     - CVE-2021-27922
+#     - CVE-2021-27923
+#     - CVE-2021-28675
+#     - CVE-2021-28676
+#     - CVE-2021-28677
+#     - CVE-2021-28678
+#     - CVE-2021-34552
+#     - CVE-2022-22815
+#     - CVE-2022-22816
+#     - CVE-2022-22817
+#     - CVE-2022-24303
+#     - CVE-2022-30595
 #   6.2.2-r0:
 #     - CVE-2019-19911
 #     - CVE-2020-5310
@@ -57,5 +87,5 @@ doc() {
 	install -Dm644 "$builddir"/LICENSE "$subpkgdir/usr/share/licenses/$pkgname/LICENSE"
 }
 
-sha512sums="517c971d4fb23a47466a7e8326c8c29291f7832d4521001c1898d6223ea25d4b0a8b7c8f7e78dd706f421229a8261b558b9fbdc43e47a0a2a7b2b4bbc1a21eff  py3-pillow-6.2.2.tar.gz
+sha512sums="5fbb94cb3046c002e996f61bfbfaca0b30e9e068aa7ab13083cd2ff8c3e9cc18c5aab04ecc3de5a83eb985186f90dacbd42bad1905b0e89f0e34238af54b304e  py3-pillow-9.1.1.tar.gz
 c01e83a7cef6653a33f60acbcbc737f0d40ff0dbc792ce0b2ce52f21092d3071845830fa0f64b27a1c5e679c53df57e0ec2e89867ee717f938d4e6f19db77790  py3-pillow-scripts-b24479c.tar.gz"
author	A. Wilcox <AWilcox@Wilcox-Tech.com>	2022-06-01 02:06:00 -0500
committer	Zach van Rijn <me@zv.io>	2022-10-21 18:34:01 -0500
commit	4ee2953d7dcce67e2d4cd6eccbbe91d1e28c7ece (patch)
tree	1b44155991b271840c6376ef16a5d8733723c212 /user/py3-pillow/APKBUILD
parent	456764eb6b1c59869e58733565e846dff42e55bf (diff)
download	packages-4ee2953d7dcce67e2d4cd6eccbbe91d1e28c7ece.tar.gz packages-4ee2953d7dcce67e2d4cd6eccbbe91d1e28c7ece.tar.bz2 packages-4ee2953d7dcce67e2d4cd6eccbbe91d1e28c7ece.tar.xz packages-4ee2953d7dcce67e2d4cd6eccbbe91d1e28c7ece.zip