python-pillow/Pillow
1
1
Fork 0
mirror of https://github.com/python-pillow/Pillow.git synced 2024-12-26 01:46:18 +03:00
Code Issues Packages Projects Releases Wiki Activity

Removed warning about zlib 1.2.2 security vulnerability

Browse Source
This commit is contained in:
Andrew Murray 2017-01-19 19:45:49 +11:00
parent a3d81e0677
commit a46ce022e7
1 changed files with 3 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
setup.py
View File

@ -631,16 +631,11 @@ class pil_build_ext(build_ext):
build_ext.build_extensions(self) build_ext.build_extensions(self)
# #
# sanity and security checks # sanity checks
unsafe_zlib = None self.summary_report(feature)
if feature.zlib: def summary_report(self, feature):
unsafe_zlib = self.check_zlib_version(self.compiler.include_dirs)
self.summary_report(feature, unsafe_zlib)
def summary_report(self, feature, unsafe_zlib):
print("-" * 68) print("-" * 68)
print("PIL SETUP SUMMARY") print("PIL SETUP SUMMARY")
@ -676,16 +671,6 @@ class pil_build_ext(build_ext):
print("*** %s support not available" % option[1]) print("*** %s support not available" % option[1])
all = 0 all = 0
if feature.zlib and unsafe_zlib:
print("")
print("*** Warning: zlib", unsafe_zlib)
print("may contain a security vulnerability.")
print("*** Consider upgrading to zlib 1.2.3 or newer.")
print("*** See: http://www.kb.cert.org/vuls/id/238678")
print(" http://www.kb.cert.org/vuls/id/680620")
print(" http://www.gzip.org/zlib/advisory-2002-03-11.txt")
print("")
print("-" * 68) print("-" * 68)
if not all: if not all:
@ -697,21 +682,6 @@ class pil_build_ext(build_ext):
print("To check the build, run the selftest.py script.") print("To check the build, run the selftest.py script.")
print("") print("")
def check_zlib_version(self, include_dirs):
# look for unsafe versions of zlib
for subdir in include_dirs:
zlibfile = os.path.join(subdir, "zlib.h")
if os.path.isfile(zlibfile):
break
else:
return
for line in open(zlibfile).readlines():
m = re.match(r'#define\s+ZLIB_VERSION\s+"([^"]*)"', line)
if not m:
continue
if m.group(1) < "1.2.3":
return m.group(1)
# https://hg.python.org/users/barry/rev/7e8deab93d5a # https://hg.python.org/users/barry/rev/7e8deab93d5a
def add_multiarch_paths(self): def add_multiarch_paths(self):
# Debian/Ubuntu multiarch support. # Debian/Ubuntu multiarch support.