python-pillow/Pillow
1
1
Fork 0
mirror of https://github.com/python-pillow/Pillow.git synced 2025-01-29 18:54:16 +03:00
Code Issues Packages Projects Releases Wiki Activity

Added release notes for #5567

Browse Source
This commit is contained in:
Andrew Murray 2021-07-01 13:31:57 +10:00
parent 31c473898c
commit d254e581a1
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
docs/releasenotes/8.3.0.rst
View File

@ -82,6 +82,13 @@ format, through the new ``bitmap_format`` argument::
Security Security
======== ========
Buffer overflow
^^^^^^^^^^^^^^^
This release addresses :cve:`CVE-2021-34552`. PIL since 1.1.4 and Pillow since 1.0
allowed parameters passed into a convert function to trigger buffer overflow in
Convert.c.
Parsing XML Parsing XML
^^^^^^^^^^^ ^^^^^^^^^^^