python-pillow/Pillow
1
1
Fork 0
mirror of https://github.com/python-pillow/Pillow.git synced 2025-01-26 17:24:31 +03:00
Code Issues Packages Projects Releases Wiki Activity

Update 3.1.1, 8.1.1 release notes for #7864

Browse Source
This commit is contained in:
Alex Clark 2024-03-14 19:36:19 -04:00
parent ae5f1de624
commit 0ea144b087
2 changed files with 31 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
docs/releasenotes/3.1.1.rst
View File

@ -4,8 +4,15 @@
Security
========
:cve:`2016-0775`: Fix buffer overflow
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
:cve:`2016-0740`: Fix buffer overflow in ``libImaging/TiffDecode.c``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Buffer overflow in the ImagingLibTiffDecode function in
``libImaging/TiffDecode.c`` in Pillow before 3.1.1 allows remote attackers to
overwrite memory via a crafted TIFF file.
:cve:`2016-0775`: Fix buffer overflow in ``libImaging/FliDecode.c``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Buffer overflow in the ImagingFliDecode function in ``libImaging/FliDecode.c``
in Pillow before 3.1.1 allows remote attackers to cause a denial of service

33
docs/releasenotes/8.1.1.rst
View File

@ -4,22 +4,33 @@
Security
========
:cve:`2021-25289`: The previous fix for :cve:`2020-35654` was insufficient
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
:cve:`2021-25289`: Fix the fix for :cve:`2020-35654`
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The previous fix for :cve:`2020-35654` was insufficient due to incorrect error checking in ``TiffDecode.c``.
The previous fix for :cve:`2020-35654` was insufficient due to incorrect
error checking in ``TiffDecode.c``.
:cve:`2021-25290`: In ``TiffDecode.c``, there is a negative-offset ``memcpy`` with an invalid size
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
:cve:`2021-25290`: Fix buffer overflow in ``TiffDecode.c``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
:cve:`2021-25291`: In ``TiffDecode.c``, invalid tile boundaries could lead to an out-of-bounds read in ``TIFFReadRGBATile``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
In ``TiffDecode.c``, there is a negative-offset ``memcpy`` with an invalid size.
:cve:`2021-25292`: The PDF parser has a catastrophic backtracking regex that could be used as a DOS attack
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
:cve:`2021-25291`: Fix buffer overflow in ``TIFFReadRGBATile``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
:cve:`2021-25293`: There is an out-of-bounds read in ``SgiRleDecode.c`` since Pillow 4.3.0
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
In ``TiffDecode.c``, invalid tile boundaries could lead to an out-of-bounds
read in ``TIFFReadRGBATile``.
:cve:`2021-25292`: Fix DOS attack
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The PDF parser has a catastrophic backtracking regex that could be used as a
DOS attack.
:cve:`2021-25293`: Fix buffer overflow in ``SgiRleDecode.c``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
There is an out-of-bounds read in ``SgiRleDecode.c`` since Pillow 4.3.0.
Other Changes
=============