python-pillow/Pillow
1
1
Fork 0
mirror of https://github.com/python-pillow/Pillow.git synced 2025-01-13 02:36:17 +03:00
Code Issues Packages Projects Releases Wiki Activity

Swap order to match description

Browse Source
This commit is contained in:
Andrew Murray 2024-03-17 21:43:04 +11:00
parent 4ef6e4ef9b
commit d2dfb2f87f
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
docs/releasenotes/6.2.2.rst
View File

@ -6,15 +6,15 @@ Security
This release fixes several buffer overflow issues and a DOS attack vulnerability. This release fixes several buffer overflow issues and a DOS attack vulnerability.
:cve:`2020-5310`, :cve:`2020-5311`, :cve:`2020-5312`, :cve:`2020-5313`: Overflow checks added
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Overflow checks have been added when calculating the size of a memory block to be reallocated
in the processing of TIFF, SGI, PCX and FLI images.
:cve:`2019-19911`: DOS attack vulnerability :cve:`2019-19911`: DOS attack vulnerability
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If an FPX image reports that it has a large number of bands, a large amount of If an FPX image reports that it has a large number of bands, a large amount of
resources will be used when trying to process the image. This is fixed by resources will be used when trying to process the image. This is fixed by
limiting the number of bands to those usable by Pillow. limiting the number of bands to those usable by Pillow.
:cve:`2020-5310`, :cve:`2020-5311`, :cve:`2020-5312`, :cve:`2020-5313`: Overflow checks added
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Overflow checks have been added when calculating the size of a memory block to be reallocated
in the processing of TIFF, SGI, PCX and FLI images.