From d2dfb2f87fff0d85865f8943e9f42b5bed40dd9f Mon Sep 17 00:00:00 2001 From: Andrew Murray Date: Sun, 17 Mar 2024 21:43:04 +1100 Subject: [PATCH] Swap order to match description --- docs/releasenotes/6.2.2.rst | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/releasenotes/6.2.2.rst b/docs/releasenotes/6.2.2.rst index f223b8f5a..85b0d0ba9 100644 --- a/docs/releasenotes/6.2.2.rst +++ b/docs/releasenotes/6.2.2.rst @@ -6,15 +6,15 @@ Security This release fixes several buffer overflow issues and a DOS attack vulnerability. +:cve:`2020-5310`, :cve:`2020-5311`, :cve:`2020-5312`, :cve:`2020-5313`: Overflow checks added +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Overflow checks have been added when calculating the size of a memory block to be reallocated +in the processing of TIFF, SGI, PCX and FLI images. + :cve:`2019-19911`: DOS attack vulnerability ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ If an FPX image reports that it has a large number of bands, a large amount of resources will be used when trying to process the image. This is fixed by limiting the number of bands to those usable by Pillow. - -:cve:`2020-5310`, :cve:`2020-5311`, :cve:`2020-5312`, :cve:`2020-5313`: Overflow checks added -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -Overflow checks have been added when calculating the size of a memory block to be reallocated -in the processing of TIFF, SGI, PCX and FLI images.
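Review bot: In the moved overflow section, the heading lists four CVEs and the body lists four formats (TIFF, SGI, PCX and FLI), but nothing states which identifier belongs to which format. Since the block is being touched anyway, consider pairing each :cve: role with its format in the body text, so that a reader triaging a single CVE can tell which image decoder is affected. A smaller style point on the unchanged context: the intro sentence and the 2019-19911 heading both write "DOS", where "DoS" is the usual spelling for denial of service. The reorder itself is consistent with the intro sentence ("several buffer overflow issues and a DOS attack vulnerability"), and the heading and its ^ underline move together unchanged, so the section should render as before.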