Link to TideLift [ci skip]

2025-01-13 02:36:17 +03:00 · 2021-01-02 22:07:03 +11:00 · 2021-01-02 22:07:03 +11:00 · 2711549503
commit 2711549503
parent d88fdcda06
1 changed files with 5 additions and 3 deletions
--- a/docs/releasenotes/8.1.0.rst
+++ b/docs/releasenotes/8.1.0.rst
@ -52,13 +52,15 @@ OOB Write in TiffDecode.c when reading corrupt YCbCr files in some LibTIFF versi
 (4.1.0/Ubuntu 20.04, but not 4.0.9/Ubuntu 18.04). In some cases LibTIFF's
 interpretation of the file is different when reading in RGBA mode, leading to an Out of
 bounds write in TiffDecode.c. This potentially affects Pillow versions from 6.0.0 to
-8.0.1, depending on the version of LibTIFF. This was reported through Tidelift.
+8.0.1, depending on the version of LibTIFF. This was reported through `Tidelift`_.

 * :cve:`CVE-2020-35655` Fix for SGI Decode buffer overrun

 4 byte read overflow in SGIRleDecode.c, where the code was not correctly checking the
-offsets and length tables. Independently reported through Tidelift and Google's OSS-Fuzz.
-This vulnerability covers Pillow versions 4.3.0->8.0.1.
+offsets and length tables. Independently reported through `Tidelift`_ and Google's
+OSS-Fuzz. This vulnerability covers Pillow versions 4.3.0->8.0.1.
+
+.. _Tidelift: https://tidelift.com/subscription/pkg/pypi-pillow?utm_source=pillow&utm_medium=referral&utm_campaign=docs

 Dependencies
 ^^^^^^^^^^^^