jenkins-bot merged this change.
Restrict Pillow to 6.2.2+
Bug: T249911
Change-Id: Id7b3141b6e489234527ef6abab503004a033c924
---
M requirements.txt
M setup.py
2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/requirements.txt b/requirements.txt
index 133021f..ad66d97 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -41,9 +41,9 @@
python-stdnum >= 1.13
# GUI
-Pillow < 7.0.0, >= 6.2.0 ; python_version < '3'
+Pillow >= 6.2.2, < 7.0.0 ; python_version < '3'
Pillow < 6.0.0 ; python_version == '3.4'
-Pillow >= 6.2.1 ; python_version >= '3.5'
+Pillow >= 6.2.2 ; python_version >= '3.5'
# core pagegenerators
google >= 1.7
diff --git a/setup.py b/setup.py
index 21407cf..21711c2 100644
--- a/setup.py
+++ b/setup.py
@@ -41,10 +41,10 @@
'Graphviz': ['pydot>=1.2'],
'Google': ['google>=1.7'],
'mwparserfromhell': ['mwparserfromhell>=0.3.3'],
- 'Tkinter': [
- 'Pillow<7.0.0,>=6.2.0;python_version<"3"',
- 'Pillow<6.0.0;python_version=="3.4"', # vulnerability found
- 'Pillow>=6.2.1;python_version>="3.5"', # 6.2.1 required for PY 3.8
+ 'Tkinter': [ # vulnerability found in Pillow<6.2.2
+ 'Pillow>=6.2.2,<7.0.0;python_version<"3"',
+ 'Pillow<6.0.0;python_version=="3.4"',
+ 'Pillow>=6.2.2;python_version>="3.5"',
],
'security': [
'requests[security]'
To view, visit change 587995. To unsubscribe, or for help writing mail filters, visit settings.