python-pillow/Pillow
1
1
Fork 0
mirror of https://github.com/python-pillow/Pillow.git synced 2025-08-14 01:04:45 +03:00
Code Issues Packages Projects Releases Wiki Activity

Update documentation

Browse Source
This commit is contained in:
Frederick Price 2023-04-22 00:20:11 -04:00
parent fefc469fda
commit 17e624e522
2 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGES.rst
View File

@ -27,6 +27,9 @@ Changelog (Pillow)
combination of \r and \n as line endings. combination of \r and \n as line endings.
[rickprice] [rickprice]
- Fix CVE-2022-45199: Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL.
[rickprice]
- Fix CVE-2021-28676: FliDecode did not properly check that the block advance - Fix CVE-2021-28676: FliDecode did not properly check that the block advance
was non-zero, potentally leading to an infinite loop on load. was non-zero, potentally leading to an infinite loop on load.
[rickprice] [rickprice]

2
docs/releasenotes/6.2.2.5.rst
View File

@ -37,3 +37,5 @@ This release addresses several critical CVEs.
Pillow in the open phase, before an image was accepted Pillow in the open phase, before an image was accepted
for opening. for opening.
:cve: `CVE-2022-45199`: Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL.