Pillow/docs/releasenotes/2.3.2.rst

2.3.2
-----

Security
========

:cve:`2014-3589`: Fix DOS attack
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

``PIL/IcnsImagePlugin.py`` in Python Imaging Library (PIL) and Pillow before 2.3.2 and
2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted
block size.

Found and reported by Andrew Drake of dropbox.com
Fix headers and retro-add notes for #7864 - Include CVE link in title (via @hugovk) - Retro-add release notes for 2.3.2, 2.5.2 for CVE-2014-3589 2024-03-14 20:58:05 +03:00			`2.3.2`
			`-----`

			`Security`
			`========`

			:cve:`2014-3589`: Fix DOS attack
			`^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^`

			``PIL/IcnsImagePlugin.py`` in Python Imaging Library (PIL) and Pillow before 2.3.2 and
			`2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted`
[pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci 2024-03-14 21:01:09 +03:00			`block size.`
Back fill release notes for #7864 - Back fill release notes for 3.1.1 - Add credits to 2.3.2, 2.5.2 2024-03-15 02:04:26 +03:00
			`Found and reported by Andrew Drake of dropbox.com`