[pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci
pre-commit-ci[bot] 2024-03-13 19:14:02 +00:00 committed by Alex Clark
parent 2b8dfaac7c
commit 20d451b359
4 changed files with 6 additions and 6 deletions

@ -14,7 +14,7 @@ Buffer overflow in TiffDecode.c
Pillow 3.1.0 and earlier when linked against Pillow 3.1.0 and earlier when linked against
libtiff >= 4.0.0 on x64 may overflow a buffer when reading a libtiff >= 4.0.0 on x64 may overflow a buffer when reading a
specially crafted tiff file. specially crafted tiff file.
Specifically, libtiff >= 4.0.0 changed the return type of Specifically, libtiff >= 4.0.0 changed the return type of
``TIFFScanlineSize`` from ``int32`` to machine dependent ``TIFFScanlineSize`` from ``int32`` to machine dependent
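Review bot: in the context sentence "may overflow a buffer when reading a specially crafted tiff file", the format name should be capitalised as "TIFF", and "machine dependent" on the ``TIFFScanlineSize`` line should be hyphenated ("machine-dependent"). Since this commit already touches the paragraph, both are cheap to fix in the same pass.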
@ -36,7 +36,7 @@ Buffer overflow in FliDecode.c
++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++
In all versions of Pillow, dating back at least to In all versions of Pillow, dating back at least to
the last PIL 1.1.7 release, FliDecode.c has a buffer overflow error. the last PIL 1.1.7 release, FliDecode.c has a buffer overflow error.
Around line 192: Around line 192:
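Review bot: "Around line 192:" points at a source line number in FliDecode.c that stops being accurate as soon as the file changes, so a reader of these notes cannot reliably locate the code. Suggest naming the enclosing function or linking the fixing commit instead. Also, "FliDecode.c has a buffer overflow error" leaves the file name unmarked, while the PcdDecode.c section writes it as an inline literal (double backticks); use the literal markup here too for consistency.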
@ -70,7 +70,7 @@ Buffer overflow in PcdDecode.c
++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++
In all versions of Pillow, dating back at least to the In all versions of Pillow, dating back at least to the
last PIL 1.1.7 release, ``PcdDecode.c`` has a buffer overflow error. last PIL 1.1.7 release, ``PcdDecode.c`` has a buffer overflow error.
The ``state.buffer`` for ``PcdDecode.c`` is allocated based on a 3 The ``state.buffer`` for ``PcdDecode.c`` is allocated based on a 3
bytes per pixel sizing, where ``PcdDecode.c`` wrote into the buffer bytes per pixel sizing, where ``PcdDecode.c`` wrote into the buffer
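Review bot: the sentence "The ``state.buffer`` for ``PcdDecode.c`` is allocated based on a 3 bytes per pixel sizing, where ``PcdDecode.c`` wrote into the buffer" mixes present and past tense, which blurs what is still true of the code and what was fixed. Suggest "was allocated ... wrote" or "is allocated ... previously wrote", and "a 3 bytes-per-pixel sizing" reads more clearly as "3 bytes per pixel".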

@ -14,7 +14,7 @@ Buffer overflow in Jpeg2KEncode.c
Pillow between 2.5.0 and 3.1.1 may overflow a buffer Pillow between 2.5.0 and 3.1.1 may overflow a buffer
when writing large Jpeg2000 files, allowing for code execution or other when writing large Jpeg2000 files, allowing for code execution or other
memory corruption. memory corruption.
This occurs specifically in the function ``j2k_encode_entry``, at the line: This occurs specifically in the function ``j2k_encode_entry``, at the line:
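Review bot: "Pillow between 2.5.0 and 3.1.1 may overflow a buffer" does not say whether the end points are included, so a reader cannot tell from this line whether 3.1.1 itself is affected. Suggest stating the range explicitly (for example "from 2.5.0 up to and including ..." or "before ..."), and writing the format name as "JPEG 2000" rather than "Jpeg2000".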

@ -9,7 +9,7 @@ Fix CVE-2020-15999
.. note:: More information about this vulnerability included in database record :cve:`2020-15999` .. note:: More information about this vulnerability included in database record :cve:`2020-15999`
Update FreeType in wheels to `2.10.4`_ Update FreeType in wheels to `2.10.4`_
++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++++++++
* A heap buffer overflow has been found in the handling of embedded PNG bitmaps, * A heap buffer overflow has been found in the handling of embedded PNG bitmaps,
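Review bot: the note directive text "More information about this vulnerability included in database record :cve:`2020-15999`" is missing its verb; suggest "More information about this vulnerability is included in database record ..." or simply "See :cve:`2020-15999` for details". The same wording appears in the CVE-2021-25289 note, so it is worth fixing in both places together.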

@ -4,7 +4,7 @@
Security Security
======== ========
Fix CVE-2021-25289 Fix CVE-2021-25289
^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^
.. note:: More information about this vulnerability included in database record :cve:`2021-25289` .. note:: More information about this vulnerability included in database record :cve:`2021-25289`