python-pillow/Pillow
1
1
Fork 0
mirror of https://github.com/python-pillow/Pillow.git synced 2025-07-22 06:00:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Updated security descriptions

Browse Source 
Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>
This commit is contained in:
Andrew Murray 2023-01-02 08:17:47 +11:00 committed by GitHub
parent 35b4c433b3
commit e908afea40
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docs/releasenotes/9.4.0.rst
View File

@ -78,14 +78,14 @@ Fix memory DOS in ImageFont
A corrupt or specially crafted TTF font could have font metrics that lead to A corrupt or specially crafted TTF font could have font metrics that lead to
unreasonably large sizes when rendering text in font. ``ImageFont.py`` did not unreasonably large sizes when rendering text in font. ``ImageFont.py`` did not
check the image size before allocating memory for it. This dates to the PIL check the image size before allocating memory for it. This dates to the PIL
fork. Pilllow 8.2.0 added a check for large sizes, but did not consider the fork. Pillow 8.2.0 added a check for large sizes, but did not consider the
case where one dimension was zero. case where one dimension is zero.
Null pointer dereference crash in ImageFont Null pointer dereference crash in ImageFont
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Pillow attempted to dereference a null pointer in ``ImageFont``, leading to a Pillow attempted to dereference a null pointer in ``ImageFont``, leading to a
crash. An error is now raised instead. This would have been present since crash. An error is now raised instead. This has been present since
Pillow 8.0.0. Pillow 8.0.0.
Other Changes Other Changes