Binary files /tmp/tmpl8qlxvwd/4X5Q3gYMYy/pillow-10.0.0/Tests/icc/sGrey-v2-nano.icc and /tmp/tmpl8qlxvwd/Ltsa3Dh_so/pillow-10.0.0/Tests/icc/sGrey-v2-nano.icc differ
diff -Nru pillow-10.0.0/debian/changelog pillow-10.0.0/debian/changelog
--- pillow-10.0.0/debian/changelog	2024-01-25 15:02:07.000000000 +0000
+++ pillow-10.0.0/debian/changelog	2024-04-15 13:52:02.000000000 +0000
@@ -1,3 +1,12 @@
+pillow (10.0.0-1ubuntu0.2) mantic-security; urgency=medium
+
+  * SECURITY UPDATE: Buffer overflow in imagingcms.c
+    - debian/patches/CVE-2024-28219.patch: Use strncpy
+    to avoid buffer overflow
+    - CVE-2024-28219
+
+ -- Nick Galanis <nick.galanis@canonical.com>  Mon, 15 Apr 2024 14:52:02 +0100
+
 pillow (10.0.0-1ubuntu0.1) mantic-security; urgency=medium
 
   * SECURITY UPDATE: PIL.ImageMath.eval Arbitrary Code Execution
diff -Nru pillow-10.0.0/debian/patches/CVE-2024-28219.patch pillow-10.0.0/debian/patches/CVE-2024-28219.patch
--- pillow-10.0.0/debian/patches/CVE-2024-28219.patch	1970-01-01 00:00:00.000000000 +0000
+++ pillow-10.0.0/debian/patches/CVE-2024-28219.patch	2024-04-15 13:51:39.000000000 +0000
@@ -0,0 +1,45 @@
+From 2a93aba5cfcf6e241ab4f9392c13e3b74032c061 Mon Sep 17 00:00:00 2001
+From: Andrew Murray <radarhere@users.noreply.github.com>
+Date: Thu, 22 Feb 2024 18:56:26 +1100
+Subject: [PATCH] Use strncpy to avoid buffer overflow
+
+Index: pillow-10.0.0/Tests/test_imagecms.py
+===================================================================
+--- pillow-10.0.0.orig/Tests/test_imagecms.py
++++ pillow-10.0.0/Tests/test_imagecms.py
+@@ -626,3 +626,9 @@ def test_rgb_lab(mode):
+     im = Image.new("LAB", (1, 1), (255, 0, 0))
+     converted_im = im.convert(mode)
+     assert converted_im.getpixel((0, 0))[:3] == (0, 255, 255)
++
++
++
++def test_long_modes():
++    p = ImageCms.getOpenProfile("Tests/icc/sGrey-v2-nano.icc")
++    ImageCms.buildTransform(p, p, "ABCDEFGHI", "ABCDEFGHI")
+Index: pillow-10.0.0/src/_imagingcms.c
+===================================================================
+--- pillow-10.0.0.orig/src/_imagingcms.c
++++ pillow-10.0.0/src/_imagingcms.c
+@@ -201,8 +201,8 @@ cms_transform_new(cmsHTRANSFORM transfor
+ 
+     self->transform = transform;
+ 
+-    strcpy(self->mode_in, mode_in);
+-    strcpy(self->mode_out, mode_out);
++    strncpy(self->mode_in, mode_in, 8);
++    strncpy(self->mode_out, mode_out, 8);
+ 
+     return (PyObject *)self;
+ }
+@@ -244,8 +244,8 @@ findLCMStype(char *PILmode) {
+     }
+ 
+     else {
+-        /* take a wild guess... but you probably should fail instead. */
+-        return TYPE_GRAY_8; /* so there's no buffer overrun... */
++        /* take a wild guess... */
++        return TYPE_GRAY_8;
+     }
+ }
+ 
diff -Nru pillow-10.0.0/debian/patches/series pillow-10.0.0/debian/patches/series
--- pillow-10.0.0/debian/patches/series	2024-01-25 15:01:44.000000000 +0000
+++ pillow-10.0.0/debian/patches/series	2024-04-15 13:51:02.000000000 +0000
@@ -7,3 +7,4 @@
 CVE-2023-50447-1.patch
 CVE-2023-50447-2.patch
 CVE-2023-50447-3.patch
+CVE-2024-28219.patch
diff -Nru pillow-10.0.0/debian/source/include-binaries pillow-10.0.0/debian/source/include-binaries
--- pillow-10.0.0/debian/source/include-binaries	2022-10-21 15:53:14.000000000 +0000
+++ pillow-10.0.0/debian/source/include-binaries	2024-04-15 13:52:02.000000000 +0000
@@ -1 +1,2 @@
 Tests/images/tga_id_field.tga
+Tests/icc/sGrey-v2-nano.icc