python-pillow/Pillow
1
1
Fork 0
mirror of https://github.com/python-pillow/Pillow.git synced 2025-07-27 08:30:05 +03:00
Code Issues Packages Projects Releases Wiki Activity

Added release notes for #9041

Browse Source
This commit is contained in:
Andrew Murray 2025-06-27 22:39:41 +10:00
parent e783aff688
commit 134986c513
1 changed files with 11 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
docs/releasenotes/11.3.0.rst
View File

@ -4,21 +4,21 @@
Security Security
======== ========
TODO :cve:`2025-48379`: Write Buffer Overflow on BCn encoding
^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
TODO There is a heap buffer overflow when writing a sufficiently large (>64k encoded with
default settings) image in the DDS format due to writing into a buffer without checking
for available space.
:cve:`YYYY-XXXXX`: TODO This only affects users who save untrusted data as a compressed DDS image.
^^^^^^^^^^^^^^^^^^^^^^^
TODO * Unclear how large the potential write could be. It is likely limited by process
segfault, so it's not necessarily deterministic. It may be practically unbounded.
* Unclear if there's a restriction on the bytes that could be emitted. It's likely that
the only restriction is that the bytes would be emitted in chunks of 8 or 16.
Backwards incompatible changes This was introduced was introduced in 11.2.0 when the feature was added.
==============================
TODO
^^^^
Deprecations Deprecations
============ ============
@ -41,22 +41,6 @@ another mode before saving::
im = Image.new("I", (1, 1)) im = Image.new("I", (1, 1))
im.convert("I;16").save("out.png") im.convert("I;16").save("out.png")
API changes
===========
TODO
^^^^
TODO
API additions
=============
TODO
^^^^
TODO
Other changes Other changes
============= =============