python3-pillow: fix CVE-2026-25990

Details: https://nvd.nist.gov/vuln/detail/CVE-2026-25990 Backport commit[1] which fixes this vulnerability as mentioned NVD report in [2]. [1] 9000313cc5 [2] https://nvd.nist.gov/vuln/detail/CVE-2026-25990 Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-05-07 05:10:20 +00:00 · 2026-03-18 13:30:15 +05:30
parent d3a45ead9c
commit 808d3a73de
2 changed files with 92 additions and 0 deletions
--- a/meta-python/recipes-devtools/python/python3-pillow_10.3.0.bb
+++ b/meta-python/recipes-devtools/python/python3-pillow_10.3.0.bb
@@ -8,6 +8,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=c349a4b4b9ec2377a8fd6a7df87dbffe"
 SRC_URI = "git://github.com/python-pillow/Pillow.git;branch=main;protocol=https \
           file://0001-support-cross-compiling.patch \
           file://run-ptest \
+           file://CVE-2026-25990.patch \
           "
 SRCREV = "5c89d88eee199ba53f64581ea39b6a1bc52feb1a"