python-pillow/Pillow
1
1
Fork 0
mirror of https://github.com/python-pillow/Pillow.git synced 2024-11-14 13:46:57 +03:00
Code Issues Packages Projects Releases Wiki Activity
6897566701
Pillow/docs/releasenotes/6.2.2.rst

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

21 lines
749 B
ReStructuredText
Raw Normal View History

Added release notes [ci skip]
2020-01-02 06:36:56 +03:00
6.2.2
-----
Security
========
Update release notes to match template for #7864
2024-03-15 04:04:08 +03:00
This release fixes several buffer overflow issues and a DOS attack vulnerability.
Added release notes [ci skip]
2020-01-02 06:36:56 +03:00
Swap order to match description
2024-03-17 13:43:04 +03:00
:cve:`2020-5310`, :cve:`2020-5311`, :cve:`2020-5312`, :cve:`2020-5313`: Overflow checks added
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Overflow checks have been added when calculating the size of a memory block to be reallocated
in the processing of TIFF, SGI, PCX and FLI images.
Fix headers and retro-add notes for #7864 - Include CVE link in title (via @hugovk) - Retro-add release notes for 2.3.2, 2.5.2 for CVE-2014-3589
2024-03-14 20:58:05 +03:00
:cve:`2019-19911`: DOS attack vulnerability
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Clean up for #7864
2024-03-13 21:40:00 +03:00
Clean up for #7864 Before back fill, clean up. - Add suggested CVE format to template - Move Security to the top of release notes - Fix headings - Update all existing CVE notes to match template
2024-03-13 21:15:16 +03:00
If an FPX image reports that it has a large number of bands, a large amount of
resources will be used when trying to process the image. This is fixed by
limiting the number of bands to those usable by Pillow.
Reference in New Issue Copy Permalink