From d88fdcda0699c647ba7a0befca97f08134fe6627 Mon Sep 17 00:00:00 2001 From: Andrew Murray <3112309+radarhere@users.noreply.github.com> Date: Sat, 2 Jan 2021 22:00:35 +1100 Subject: [PATCH] Updated capitalisation [ci skip] Co-authored-by: Hugo van Kemenade --- docs/releasenotes/8.1.0.rst | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/docs/releasenotes/8.1.0.rst b/docs/releasenotes/8.1.0.rst index 84ec8ae76..78c3e914a 100644 --- a/docs/releasenotes/8.1.0.rst +++ b/docs/releasenotes/8.1.0.rst 
@@ -38,25 +38,25 @@ Security This release includes security fixes. -* An out-of-bounds read when saving TIFFs with custom metadata through libtiff +* An out-of-bounds read when saving TIFFs with custom metadata through LibTIFF * An out-of-bounds read when saving a GIF of 1px width -* :cve:`CVE-2020-35653` Buffer Read Overrun in PCX Decoding. +* :cve:`CVE-2020-35653` Buffer read overrun in PCX decoding -The PCX Image decoder used the reported image stride to calculate the row buffer, +The PCX image decoder used the reported image stride to calculate the row buffer, rather than calculating it from the image size. This issue dates back to the PIL fork. Thanks to Google's OSS-Fuzz project for finding this. * :cve:`CVE-2020-35654` Fix TIFF OOB Write error -OOB Write in TiffDecode.c when reading corrupt YCbCr files in some LibTiff versions -(4.1.0/Ubuntu 20.04, but not 4.0.9/Ubuntu 18.04). In some cases libtiff's +OOB Write in TiffDecode.c when reading corrupt YCbCr files in some LibTIFF versions +(4.1.0/Ubuntu 20.04, but not 4.0.9/Ubuntu 18.04). In some cases LibTIFF's interpretation of the file is different when reading in RGBA mode, leading to an Out of bounds write in TiffDecode.c. This potentially affects Pillow versions from 6.0.0 to -8.0.1, depending on the version of LibTiff. This was reported through Tidelift. +8.0.1, depending on the version of LibTIFF. This was reported through Tidelift. * :cve:`CVE-2020-35655` Fix for SGI Decode buffer overrun -4 Byte Read Overflow in SGIRleDecode.c, where the code was not correctly checking the +4 byte read overflow in SGIRleDecode.c, where the code was not correctly checking the offsets and length tables. Independently reported through Tidelift and Google's OSS-Fuzz. This vulnerability covers Pillow versions 4.3.0->8.0.1.
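Review bot: the capitalisation pass is incomplete within this hunk. The PCX bullet is lowercased to `Buffer read overrun in PCX decoding`, but the next two bullet titles keep the old title case (`Fix TIFF OOB Write error`, `Fix for SGI Decode buffer overrun`), and the CVE-2020-35654 paragraph still mixes `OOB Write in TiffDecode.c` with `Out of bounds write in TiffDecode.c`. Suggest `Out-of-bounds write in TiffDecode.c` in both places, matching the `An out-of-bounds read` wording of the first two bullets, and `4-byte read overflow` (hyphenated compound modifier) in the SGI paragraph; the range `4.3.0->8.0.1` could likewise follow the `6.0.0 to 8.0.1` form used in the TIFF paragraph.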