| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| toplevel-setup.py | no | |||||
| generate-webp-file | no | |||||
| js-script-file.diff | no | |||||
| no-sphinx-removed-in.diff | no | |||||
| no-sphinx-opengraph.diff | no | |||||
| no-sphinx-furo.diff | no | |||||
| pkg-config-multiarch.diff | Handle more than one directory returned by pkg-config. tiff (4.5.0-1) in Debian results in two include directories being returned: ``` -I/usr/include/x86_64-linux-gnu -I/usr/include ``` |
Bas Couwenberg <sebastic@xs4all.nl> | no | 2023-01-14 | ||
| CVE-2023-50447-1.patch | Don't allow __ or builtins in env dictionarys for ImageMath.eval (cherry picked from commit 45c726fd4daa63236a8f3653530f297dc87b160a) |
Eric Soroos <eric-github@soroos.net> | no | 2023-10-27 | ||
| CVE-2023-50447-2.patch | Allow ops (cherry picked from commit 0ca3c33c59927e1c7e0c14dbc1eea1dfb2431a80) |
Andrew Murray <radarhere@users.noreply.github.com> | no | 2023-10-28 | ||
| CVE-2023-50447-3.patch | Include further builtins (cherry picked from commit 557ba59d13de919d04b3fd4cdef8634f7d4b3348) |
Andrew Murray <radarhere@users.noreply.github.com> | no | 2023-12-30 | ||
| CVE-2024-28219.patch | Use strncpy to avoid buffer overflow (cherry picked from commit 2a93aba5cfcf6e241ab4f9392c13e3b74032c061) |
Andrew Murray <radarhere@users.noreply.github.com> | no | 2024-02-22 | ||
| CVE-2023-44271.patch | Added ImageFont.MAX_STRING_LENGTH (cherry picked from commit 1fe1bb49c452b0318cad12ea9d97c3bef188e9a7) |
Andrew Murray <radarhere@users.noreply.github.com> | no | 2023-06-30 |