python-pillow/Pillow
1
1
Fork 0
mirror of https://github.com/python-pillow/Pillow.git synced 2024-09-21 03:18:57 +03:00
Code Issues Packages Projects Releases Wiki Activity
11,461 Commits 47 Branches 90 Tags 271 MiB
45530d5ce1
Commit Graph

6 Commits

Author SHA1 Message Date
Eric Soroos
45530d5ce1 fixes crash-74d2 2021-03-31 22:23:57 +02:00
Eric Soroos
cbdce6c5d0 Fix for CVE-2021-25291 
* Invalid tile boundaries lead to OOB Read in TiffDecode.c, in TiffReadRGBATile
* Check the tile validity before attempting to read.
 2021-03-01 19:04:48 +11:00
Eric Soroos
86f02f7c70 Fix negative size read in TiffDecode.c 
* Caught by oss-fuzz runs
* CVE-2021-25290
 2021-03-01 19:04:42 +11:00
Eric Soroos
3fee28eb94 Incorrect error code checking in TiffDecode.c 
* since Pillow 8.1.0
* CVE-2021-25289
 2021-03-01 18:51:13 +11:00
wiredfool
eb8c1206d6 Fix CVE-2020-35654 - OOB Write in TiffDecode.c 
* In some circumstances with some versions of libtiff (4.1.0+), there
  could be a 4 byte out of bound write when decoding a YCbCr tiff.
* The Pillow code dates to 6.0.0
* Found and reported through Tidelift
 2021-01-02 20:37:48 +11:00
Andrew Murray
26bf1c3524 Moved CVE images to pillow-depends 2020-09-23 00:14:40 +10:00