Commit Graph

9049 Commits

Author SHA1 Message Date
Frederick Price
17e624e522 Update documentation 2023-04-22 00:20:11 -04:00
Marc Gutman
fefc469fda
Merge pull request #18 from ActiveState/BE-139-cve-2021-28676
BE-139-cve-2021-28676
2023-04-20 15:25:04 -05:00
Frederick Price
763f724780 BE-139-cve-2021-28676
Add documentation changes

Cherry picked bb6c11fb88

Update tests to work in old code

Add function missing in old code
2023-04-20 16:18:56 -04:00
Marc Gutman
0fb0067970
Merge pull request #19 from ActiveState/BE-140-cve-2021-28677
BE-140-cve-2021-28677
2023-04-20 15:00:41 -05:00
Frederick Price
6199218d63 Fix up test to get rid of warning 2023-04-20 12:56:53 -04:00
Frederick Price
411ff3322c Add in cherry-pick 2023-04-20 12:56:53 -04:00
Frederick Price
39a535fb0f Rebase to 6.2.x 2023-04-20 12:56:35 -04:00
Marc Gutman
79f4206664
Merge pull request #17 from ActiveState/BE-159-cve-2020-10994
BE-159-cve-2020-10994
2023-04-19 10:45:14 -05:00
Frederick Price
978191b608 BE-159-cve-2020-10994
CVE fixes from: https://github.com/python-pillow/Pillow/pull/4505

Tests for jp2 overflow
(cherry picked from commit 30443d39bd)
Format with Black
(cherry picked from commit 6e86d235c8)
Add documentation
2023-04-18 23:41:42 -04:00
Marc Gutman
97671b578d
Merge pull request #15 from ActiveState/BE-157/CVE-2021-28675
BE-157/CVE-2021-28675
2023-04-14 16:36:46 -05:00
Eric Soroos
28ef1d46ad BE-157-CVE-2021-28675
Fix DOS in PSDImagePlugin -- CVE-2021-28675

* PSDImagePlugin did not sanity check the number of input layers
  vs the size of the data block; this could lead to a DOS on
  Image.open prior to Image.load.
* This issue dates to the PIL fork

Apply fix 8febdad8dd
2023-04-14 17:33:17 -04:00
Marc Gutman
6699954baa
Merge pull request #16 from ActiveState/BE-806-pillow-cve-2022-22815
BE-806-pillow-cve-2022-22815
2023-04-14 15:59:07 -05:00
Frederick Price
8c52fdbe2a BE-806-pillow-cve-2022-22815
https://github.com/python-pillow/Pillow/pull/5920/files

Cherry picked 1e092419b6

Cherry picked c48271ab35

Fix up tests to run on the older version

Update documentation
2023-04-14 14:24:48 -04:00
Marc Gutman
8da0274ff5
Merge pull request #14 from ActiveState/BE-164-cve-2021-25289_B
BE-164-cve-2021-25289_B Add files to show that cve-2021-25289 has been fixed.
2023-04-11 18:25:08 -05:00
Frederick Price
e7a2ab62b7 BE-164-cve-2021-25289_B
Add binary files that are needed for testing. The code changes that
fixed the CVE were made in an earlier release. This just adds the files
that show the CVE has been fixed.

commit cbfdde7b1f
Author: Eric Soroos eric-github@soroos.net
Date:   Sun Jan 3 21:35:32 2021 +0100
Incorrect error code checking in TiffDecode.c

* since Pillow 8.1.0
* CVE-2021-25289
2023-04-11 13:11:40 -04:00
Frederick Price
3a855cb647 Initial change of release notes 2023-03-31 14:58:40 -04:00
Frederick Price
ae2cecb6f0 Change release date for 6.2.2.4 2023-03-31 14:02:46 -04:00
Marc Gutman
3c779360b0
Merge pull request #12 from ActiveState/BE-141-cve-2020-10379
BE-141-CVE-2020-10379
2023-03-24 11:54:46 -05:00
Eric Soroos
52ec868fe1 BE-141-CVE-2020-10379
Taken from the fixes for https://github.com/python-pillow/Pillow/pull/4507/commits
2023-03-22 18:04:13 -04:00
Marc Gutman
134fb891ee
Merge pull request #11 from ActiveState/BE-154-cve-2021-23437
BE-154-CVE-2021-23437
2023-03-22 10:18:12 -05:00
Frederick Price
454ef5a23e BE-154-cve-2021-23437
Fix for CVE-2021-23437 Raise ValueError if color specifier is too long
2023-03-21 19:09:40 -04:00
Marc Gutman
c3851b77ca
Merge pull request #10 from ActiveState/BE-152-cve-2021-27922
Update changelogs with fixes that were already in, BE-584, BE-151, BE…
2023-03-13 16:40:30 -05:00
Frederick Price
5a35a1d0d4 Update changelogs with fixes that were already in, BE-584, BE-151, BE-152 2023-03-13 17:15:31 -04:00
Marc Gutman
b06ecb4365
Merge pull request #9 from ActiveState/BE-148-cve-2021-25290
BE-148-cve-2021-25290
2023-03-13 15:34:01 -05:00
Eric Soroos
5515707532 Merge CVE changes
Put a comma back in
2023-03-13 12:52:20 -04:00
Marc Gutman
50ba069cc6
Merge pull request #8 from ActiveState/BE-149-cve-2021-25291
Update release notes in advance
2023-03-08 17:11:32 -06:00
Frederick Price
d6705ef3c0 Fix for CVE-2021-25291
* Invalid tile boundaries lead to OOB Read in TiffDecode.c, in TiffReadRGBATile
* Check the tile validity before attempting to read.

(cherry picked from commit 8b8076bdcb)
2023-03-08 18:08:31 -05:00
Marc Gutman
e18d9e1391
Merge pull request #7 from ActiveState/BE-584-cve-2021-27921
BE-584 Cherrypick the fix for CVE-2021-27921
2023-03-01 12:04:14 -06:00
Rick Price
6b88004138
Merge branch '6.2.x' into BE-584-cve-2021-27921 2023-03-01 12:29:36 -05:00
Frederick Price
8400b37ab5 BE-584 Cherrypick the fix for CVE-2021-27921
Original comment:

Fix Memory DOS in Icns, Ico and Blp Image Plugins

Some container plugins that could contain images of other formats,
such as the ICNS format, did not properly check the reported size of
the contained image. These images could cause arbitrarily large
memory allocations.

This is fixed for all locations where individual *ImageFile classes
are created without going through the usual Image.open method.

(cherry picked from commit 480f6819b5)

Also fixed problems caused by the changes.

Document CVE fix
2023-03-01 11:58:24 -05:00
Frederick Price
76eb7d35ab Update docs 2023-02-24 08:53:19 -05:00
Eric Soroos
297f7bc90c Fix OOB read in SgiRleDecode.c
* From Pillow 4.3.0->8.1.0
* CVE-2021-25293

(cherry picked from commit 4853e522bd)
2023-02-24 01:47:10 -05:00
Frederick Price
1184cbf916 Put CVE fix in for CVE-2022-22817 Restrict builtins for ImageMath.eval()
Put in fixes from CVE
Update release documentation

Ensure all tests pass as before
2023-02-22 18:51:28 -05:00
Emilie Yu
538ac8d360
Merge pull request #5 from ActiveState/BE-135-cve-2021-34552
Use snprintf instead of sprintf
2022-02-14 15:20:10 -08:00
wooken
ba4e824fb7 Use snprintf instead of sprintf
This is the fix for CVE-2021-34552

(cherry picked from commit 518ee3722a)
2022-02-14 15:17:43 -08:00
Rick Price
04db0b815b
Merge pull request #4 from ActiveState/BE-133-cve-2021-25287
BE-133 CVE-2021-25287, BE-134 CVE-2021-25288: Fix OOB Read in Jpeg2KDecode
2022-02-14 13:08:29 -05:00
Emilie Yu
4b207548e0 CVE-2021-25287,CVE-2021-25288: Fix OOB Read in Jpeg2KDecode 2022-02-11 12:12:45 -08:00
Jeremy Paige
414de92fe3
Merge pull request #3 from ActiveState/jeremyp/cve-2021-25289
CVE-2021-25291: fix TiffDecode heap-based buffer overflow
2021-10-20 10:45:21 -07:00
Jeremy Paige
80d2d8ae09 CVE-2021-25291, CVE-2020-35654: fix TiffDecode heap-based buffer overflow 2021-10-18 14:04:51 -07:00
Jeremy Paige
d22b3879a4
Merge pull request #2 from ActiveState/jeremyp/cve-2020-11538
CVE-2020-11538: fix SGI-RLE buffer overflow
2021-10-12 13:21:49 -07:00
Jeremy Paige
18200ae9fd
Merge pull request #1 from zoofood/patch-1
Added branding info/intent of fork.
2021-10-08 15:48:30 -07:00
Jeremy Paige
eb81417e60 Version 6.2.2.1 2021-10-08 15:43:42 -07:00
Jeff Rouse
188525db91
Added branding info/intent of fork. 2021-10-08 13:08:13 -07:00
Jeremy Paige
c1c324c2b7 CVE-2020-11538: fix SGI-RLE buffer overflow 2021-09-27 18:21:59 -07:00
Andrew Murray
a45c8583ff Release notes for 6.2.2 2020-01-02 16:18:32 +11:00
Andrew Murray
83efad4875 6.2.2 version bump 2020-01-02 14:43:09 +11:00
Andrew Murray
4820f79e01 Added release notes [ci skip] 2020-01-02 14:39:50 +11:00
Andrew Murray
4e2def2539 Overflow checks for realloc for tiff decoding 2020-01-02 14:39:36 +11:00
Andrew Murray
a79b65c47c Catch SGI buffer overruns 2020-01-02 14:39:29 +11:00
Andrew Murray
93b22b846e Catch PCX P mode buffer overrun 2020-01-02 14:39:20 +11:00