Commit Graph

3 Commits

Author SHA1 Message Date
Eric Soroos
3fee28eb94 Incorrect error code checking in TiffDecode.c
* since Pillow 8.1.0
* CVE-2021-25289
2021-03-01 18:51:13 +11:00
wiredfool
eb8c1206d6 Fix CVE-2020-35654 - OOB Write in TiffDecode.c
* In some circumstances with some versions of libtiff (4.1.0+), there
  could be a 4 byte out of bound write when decoding a YCbCr tiff.
* The Pillow code dates to 6.0.0
* Found and reported through Tidelift
2021-01-02 20:37:48 +11:00
Andrew Murray
26bf1c3524 Moved CVE images to pillow-depends 2020-09-23 00:14:40 +10:00