BE-164-cve-2021-25289

Change release notes
Update docs
Add test image
Merge in the changes to TiffDecode.c
Frederick Price 2023-03-31 14:58:40 -04:00
parent 3a855cb647
commit 99399058ff
4 changed files with 660 additions and 628 deletions


@ -2,12 +2,14 @@
Changelog (Pillow)
==================
6.2.2.5 (date TBD)
6.2.2.5 (Date TBD)
------------------
- Fix CVE-2020-35654
[rickprice]
- Fix CVE CVE-2021-25289: An issue was discovered in Pillow before 8.1.1.
TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files
because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE:
this issue exists because of an incomplete fix for CVE-2020-35654.
[rickprice]
6.2.2.4 (2023-03-29)
------------------
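Review bot: the new entry "- Fix CVE CVE-2021-25289: An issue was discovered in Pillow before 8.1.1." repeats the CVE prefix; write "- Fix CVE-2021-25289" to match the "- Fix CVE-2020-35654" entry directly above it. The rest of the entry pastes the advisory description verbatim, which tells a 6.2.2.5 user nothing about what this backport changes; one clause naming the backported TiffDecode.c change would make the changelog self-contained. The "(date TBD)" to "(Date TBD)" heading change is unrelated cosmetic churn in a security backport and would be cleaner as a separate commit.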

Binary file not shown.
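Review bot: the commit message says "Add test image", but the four changed files in this commit are the changelog, this binary, the release notes and TiffDecode.c, so no test references the new image and it will not be exercised by the test suite. Add the accompanying test (a decode of the crafted YCbCr file through the patched TiffDecode path) in the same commit, so the regression for CVE-2021-25289 is actually covered.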


@ -1,4 +1,4 @@
6.2.2.4
6.2.2.5
-------
Security
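Review bot: this hunk (@ -1,4 +1,4) retitles the existing 6.2.2.4 release-notes document to 6.2.2.5 instead of adding a new one, so after this commit there is no document describing 6.2.2.4 (dated 2023-03-29 in the changelog) under its own version. If the rename is deliberate because the changelog lists CVE-2020-35654 under 6.2.2.5 and this file already covered it, say so in the commit message; otherwise add a separate 6.2.2.5 file and leave the 6.2.2.4 one intact.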
@ -6,6 +6,8 @@ Security
This release addresses several critical CVEs.
:cve:`CVE-2020-35654`: In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode.
:cve:`CVE-2021-25289`: An issue was discovered in Pillow before 8.1.1.
TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files
because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE:
this issue exists because of an incomplete fix for CVE-2020-35654.
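Review bot: the new :cve:`CVE-2021-25289` entry is split across four lines while the :cve:`CVE-2020-35654` entry above it is a single line; in reStructuredText the continuation lines "TiffDecode has a heap-based buffer overflow ..." need the same indentation as the first line or they render as a separate paragraph, so keep the entry on one line as the previous one does or indent the continuation consistently. The wording "An issue was discovered in Pillow before 8.1.1" also reads oddly in notes for a 6.2.2.x branch; since the advisory says this issue exists because the CVE-2020-35654 fix was incomplete, state that the fix is backported to 6.2.2.5 and supersedes the earlier CVE-2020-35654 change in the same release.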

File diff suppressed because it is too large.