mirror of
https://github.com/python-pillow/Pillow.git
synced 2024-12-25 17:36:18 +03:00
[pre-commit.ci] auto fixes from pre-commit.com hooks
for more information, see https://pre-commit.ci
This commit is contained in:
parent
2b8dfaac7c
commit
20d451b359
|
@ -14,7 +14,7 @@ Buffer overflow in TiffDecode.c
|
|||
|
||||
Pillow 3.1.0 and earlier when linked against
|
||||
libtiff >= 4.0.0 on x64 may overflow a buffer when reading a
|
||||
specially crafted tiff file.
|
||||
specially crafted tiff file.
|
||||
|
||||
Specifically, libtiff >= 4.0.0 changed the return type of
|
||||
``TIFFScanlineSize`` from ``int32`` to machine dependent
|
||||
|
@ -36,7 +36,7 @@ Buffer overflow in FliDecode.c
|
|||
++++++++++++++++++++++++++++++
|
||||
|
||||
In all versions of Pillow, dating back at least to
|
||||
the last PIL 1.1.7 release, FliDecode.c has a buffer overflow error.
|
||||
the last PIL 1.1.7 release, FliDecode.c has a buffer overflow error.
|
||||
|
||||
Around line 192:
|
||||
|
||||
|
@ -70,7 +70,7 @@ Buffer overflow in PcdDecode.c
|
|||
++++++++++++++++++++++++++++++
|
||||
|
||||
In all versions of Pillow, dating back at least to the
|
||||
last PIL 1.1.7 release, ``PcdDecode.c`` has a buffer overflow error.
|
||||
last PIL 1.1.7 release, ``PcdDecode.c`` has a buffer overflow error.
|
||||
|
||||
The ``state.buffer`` for ``PcdDecode.c`` is allocated based on a 3
|
||||
bytes per pixel sizing, where ``PcdDecode.c`` wrote into the buffer
|
||||
|
|
|
@ -14,7 +14,7 @@ Buffer overflow in Jpeg2KEncode.c
|
|||
|
||||
Pillow between 2.5.0 and 3.1.1 may overflow a buffer
|
||||
when writing large Jpeg2000 files, allowing for code execution or other
|
||||
memory corruption.
|
||||
memory corruption.
|
||||
|
||||
This occurs specifically in the function ``j2k_encode_entry``, at the line:
|
||||
|
||||
|
|
|
@ -9,7 +9,7 @@ Fix CVE-2020-15999
|
|||
|
||||
.. note:: More information about this vulnerability included in database record :cve:`2020-15999`
|
||||
|
||||
Update FreeType in wheels to `2.10.4`_
|
||||
Update FreeType in wheels to `2.10.4`_
|
||||
++++++++++++++++++++++++++++++++++++++
|
||||
|
||||
* A heap buffer overflow has been found in the handling of embedded PNG bitmaps,
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
Security
|
||||
========
|
||||
|
||||
Fix CVE-2021-25289
|
||||
Fix CVE-2021-25289
|
||||
^^^^^^^^^^^^^^^^^^
|
||||
|
||||
.. note:: More information about this vulnerability included in database record :cve:`2021-25289`
|
||||
|
|
Loading…
Reference in New Issue
Block a user