Pillow/docs/releasenotes/8.1.1.rst

8.1.1
-----

Security
========

:cve:`2021-25289`: Correct the fix for :cve:`2020-35654`
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The previous fix for :cve:`2020-35654` was insufficient due to incorrect
error checking in ``TiffDecode.c``.

:cve:`2021-25290`: Fix buffer overflow in ``TiffDecode.c``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

In ``TiffDecode.c``, there is a negative-offset ``memcpy`` with an invalid size.

:cve:`2021-25291`: Fix buffer overflow in ``TIFFReadRGBATile``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

In ``TiffDecode.c``, invalid tile boundaries could lead to an out-of-bounds
read in ``TIFFReadRGBATile``.

:cve:`2021-25292`: Fix DOS attack
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The PDF parser has a catastrophic backtracking regex that could be used as a
DOS attack.

:cve:`2021-25293`: Fix buffer overflow in ``SgiRleDecode.c``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

There is an out-of-bounds read in ``SgiRleDecode.c`` since Pillow 4.3.0.

Other Changes
=============

A crash with the feature flags for libimagequant, libjpeg-turbo, WebP and XCB on
unreleased Python 3.10 has been fixed (:issue:`5193`).
Release notes for 8.1.1 2021-02-28 20:13:16 +03:00			`8.1.1`
			`-----`

			`Security`
			`========`

Changed wording 2024-03-17 13:37:31 +03:00			:cve:`2021-25289`: Correct the fix for :cve:`2020-35654`
			`^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^`
Clean up for #7864 Before back fill, clean up. - Add suggested CVE format to template - Move Security to the top of release notes - Fix headings - Update all existing CVE notes to match template 2024-03-13 21:15:16 +03:00
Update 3.1.1, 8.1.1 release notes for #7864 2024-03-15 02:36:19 +03:00			The previous fix for :cve:`2020-35654` was insufficient due to incorrect
			error checking in ``TiffDecode.c``.
Clean up for #7864 Before back fill, clean up. - Add suggested CVE format to template - Move Security to the top of release notes - Fix headings - Update all existing CVE notes to match template 2024-03-13 21:15:16 +03:00
Update 3.1.1, 8.1.1 release notes for #7864 2024-03-15 02:36:19 +03:00			:cve:`2021-25290`: Fix buffer overflow in ``TiffDecode.c``
			`^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^`
Release notes for 8.1.1 2021-02-28 20:13:16 +03:00
Update 3.1.1, 8.1.1 release notes for #7864 2024-03-15 02:36:19 +03:00			In ``TiffDecode.c``, there is a negative-offset ``memcpy`` with an invalid size.
Clean up for #7864 Before back fill, clean up. - Add suggested CVE format to template - Move Security to the top of release notes - Fix headings - Update all existing CVE notes to match template 2024-03-13 21:15:16 +03:00
Update 3.1.1, 8.1.1 release notes for #7864 2024-03-15 02:36:19 +03:00			:cve:`2021-25291`: Fix buffer overflow in ``TIFFReadRGBATile``
			`^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^`
Release notes for 8.1.1 2021-02-28 20:13:16 +03:00
Update 3.1.1, 8.1.1 release notes for #7864 2024-03-15 02:36:19 +03:00			In ``TiffDecode.c``, invalid tile boundaries could lead to an out-of-bounds
			read in ``TIFFReadRGBATile``.

			:cve:`2021-25292`: Fix DOS attack
			`^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^`

			`The PDF parser has a catastrophic backtracking regex that could be used as a`
			`DOS attack.`

			:cve:`2021-25293`: Fix buffer overflow in ``SgiRleDecode.c``
			`^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^`

			There is an out-of-bounds read in ``SgiRleDecode.c`` since Pillow 4.3.0.
Release notes for 8.1.1 2021-02-28 20:13:16 +03:00
			`Other Changes`
			`=============`

Updated spelling [ci skip] Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com> 2021-03-03 14:38:24 +03:00			`A crash with the feature flags for libimagequant, libjpeg-turbo, WebP and XCB on`
Corrected list of relevant dependencies [ci skip] 2021-03-03 12:34:52 +03:00			unreleased Python 3.10 has been fixed (:issue:`5193`).