Merge pull request #9 from ActiveState/BE-148-cve-2021-25290

BE-148-cve-2021-25290
2025-08-11 15:54:45 +03:00 · 2023-03-13 15:34:01 -05:00 · 2023-03-13 15:34:01 -05:00 · b06ecb4365
commit b06ecb4365
parent 50ba069cc6 5515707532
8 changed files with 6 additions and 1 deletions
--- a/CHANGES.rst
+++ b/CHANGES.rst
@ -12,7 +12,10 @@ Changelog (Pillow)
 since Pillow 4.3.0.
  [rickprice]
- Fix CVE-2021-2791
+- Fix CVE-2021-27291
  [rickprice]
 - Fix CVE-2021-25290
  [rickprice]
 - Fix CVE-2021-25291
--- a/Tests/images/crash-0c7e0e8e11ce787078f00b5b0ca409a167f070e0.tif
+++ b/Tests/images/crash-0c7e0e8e11ce787078f00b5b0ca409a167f070e0.tif
--- a/Tests/images/crash-1185209cf7655b5aed8ae5e77784dfdd18ab59e9.tif
+++ b/Tests/images/crash-1185209cf7655b5aed8ae5e77784dfdd18ab59e9.tif
--- a/Tests/images/crash-338516dbd2f0e83caddb8ce256c22db3bd6dc40f.tif
+++ b/Tests/images/crash-338516dbd2f0e83caddb8ce256c22db3bd6dc40f.tif
--- a/Tests/images/crash-4f085cc12ece8cde18758d42608bed6a2a2cfb1c.tif
+++ b/Tests/images/crash-4f085cc12ece8cde18758d42608bed6a2a2cfb1c.tif
--- a/Tests/images/crash-86214e58da443d2b80820cff9677a38a33dcbbca.tif
+++ b/Tests/images/crash-86214e58da443d2b80820cff9677a38a33dcbbca.tif
--- a/Tests/images/crash-f46f5b2f43c370fe65706c11449f567ecc345e74.tif
+++ b/Tests/images/crash-f46f5b2f43c370fe65706c11449f567ecc345e74.tif
--- a/docs/releasenotes/6.2.2.4.rst
+++ b/docs/releasenotes/6.2.2.4.rst
@ -11,4 +11,6 @@ since Pillow 4.3.0.
 :cve: `CVE-2021-25291`: An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is an out-of-bounds read in TiffreadRGBATile via invalid tile boundaries.
 :cve: `CVE-2021-2791` : Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for a BLP container, and thus an attempted memory allocation can be very large.
 :cve: `CVE-2021-25290` : Fix negative size read in TiffDecode.c