Update release notes

2024-11-10 19:56:47 +03:00 · 2021-09-02 15:04:28 +03:00 · 2021-09-02 15:04:28 +03:00 · 949503b160
commit 949503b160
parent 5d399603db
2 changed files with 15 additions and 1 deletions
--- a/docs/releasenotes/2.7.0.rst
+++ b/docs/releasenotes/2.7.0.rst
@ -14,7 +14,7 @@ Png text chunk size limits
 To prevent potential denial of service attacks using compressed text
 chunks, there are now limits to the decompressed size of text chunks
 decoded from PNG images. If the limits are exceeded when opening a PNG
-image a ``ValueError`` will be raised.
+image a :py:exc:`ValueError` will be raised.

 Individual text chunks are limited to
 :py:attr:`PIL.PngImagePlugin.MAX_TEXT_CHUNK`, set to 1MB by
--- a/docs/releasenotes/8.3.2.rst
+++ b/docs/releasenotes/8.3.2.rst
@ -1,6 +1,18 @@
 8.3.2
 -----

+Security
+========
+
+* :cve:`CVE-2021-23437`: Avoid a potential ReDoS (regular expression denial of service)
+  in :py:class:`~PIL.ImageColor`'s :py:meth:`~PIL.ImageColor.getrgb` by raising
+  :py:exc:`ValueError` if the color specifier is too long. Present since Pillow 5.2.0.
+
+* Fix 6-byte out-of-bounds (OOB) read. The previous bounds check in ``FliDecode.c``
+  incorrectly calculated the required read buffer size when copying a chunk, potentially
+  reading six extra bytes off the end of the allocated buffer from the heap. Present
+  since Pillow 7.1.0. This bug was found by Google's `OSS-Fuzz`_ `CIFuzz`_ runs.
+
 Other Changes
 =============

@ -24,4 +36,6 @@ Fixed regressions

 * Hide FriBiDi shim symbols to avoid conflict with real FriBiDi library (:pr:`5651`).

+.. _OSS-Fuzz: https://github.com/google/oss-fuzz
+.. _CIFuzz: https://google.github.io/oss-fuzz/getting-started/continuous-integration/
 .. _no ABI changes: https://www.python.org/downloads/release/python-3100rc1/