mirror of
git://git.openembedded.org/meta-openembedded
synced 2026-04-02 02:49:12 +00:00
717462f811
Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter). References: https://security-tracker.debian.org/tracker/CVE-2023-50447 https://github.com/python-pillow/Pillow/blob/10.2.0/CHANGES.rst Signed-off-by: Rahul Janani Pandi <RahulJanani.Pandi@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
meta-python
================================
Introduction
-------------------------
This layer is intended to be the home of python modules for OpenEmbedded.
Dependencies
-------------------------
The meta-python layer depends on:
URI: git://git.openembedded.org/openembedded-core
layers: meta
branch: kirkstone
URI: git://git.openembedded.org/meta-openembedded
layers: meta-oe
branch: kirkstone
Please follow the recommended setup procedures of your OE distribution.
For Angstrom that is:
http://www.angstrom-distribution.org/building-angstrom,
other distros should have similar online resources.
Contributing
-------------------------
The meta-openembedded mailinglist
(openembedded-devel@lists.openembedded.org) is used for questions,
comments and patch review. It is subscriber only, so please register
before posting.
Send pull requests to openembedded-devel@lists.openembedded.org with
'[meta-python][kirkstone]' in the subject.
When sending single patches, please use something like:
git send-email -M -1 --to=openembedded-devel@lists.openembedded.org --subject-prefix='meta-python][kirkstone][PATCH'
Maintenance
-------------------------
Layer maintainers: Armin Kuster <akuster808@gmail.com>