python-pillow/Pillow
1
1
Fork 0
mirror of https://github.com/python-pillow/Pillow.git synced 2024-11-10 19:56:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #6016 from radarhere/releasenotes

Browse Source 
Corrected sentence
This commit is contained in:
Hugo van Kemenade 2022-02-04 07:13:32 +02:00 committed by GitHub
commit 71839a7623
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/releasenotes/9.0.1.rst
View File

@ -9,7 +9,7 @@ This release addresses several security problems.
:cve:`CVE-2022-24303`: If the path to the temporary directory on Linux or macOS
contained a space, this would break removal of the temporary image file after
``im.show()`` (and related actions), and potentially remove an unrelated file. This
been present since PIL.
has been present since PIL.
:cve:`CVE-2022-22817`: While Pillow 9.0 restricted top-level builtins available to
:py:meth:`PIL.ImageMath.eval`, it did not prevent builtins available to lambda