Andrew Murray
2c41413b93
Merge pull request #5179 from nulano/wheels-180
...
Release notes for LibTIFF update in pillow-wheels
2021-01-05 20:38:32 +11:00
nulano
aae94110d7
lint
2021-01-05 00:07:03 +11:00
nulano
0488a2761a
can't use underscore prefix for distutils options
2021-01-05 00:07:03 +11:00
nulano
43bde01623
disable Raqm/FriBiDi vendoring by default, except in Windows tests
2021-01-05 00:07:03 +11:00
nulano
8c02e3803b
Revert "raqm: avoid declaring variables in for statement for C89 compatibility"
...
This reverts commit b3cfe73854e74bc25a88f53b177713bfb63812e4.
2021-01-05 00:07:03 +11:00
nulano
db0dad909e
test
2021-01-05 00:07:03 +11:00
nulano
9c178435fb
raqm: fix FriBiDi<1 support
2021-01-05 00:07:03 +11:00
nulano
b4a57d6fc5
support FriBiDi<1.0
2021-01-05 00:07:03 +11:00
nulano
f2b2d53ca8
raqm: avoid declaring variables in for statement for C89 compatibility
2021-01-05 00:07:03 +11:00
nulano
c3fce854f2
avoid NULL in fribidi shim
2021-01-05 00:07:03 +11:00
nulano
834c2e5e5d
lint
2021-01-05 00:07:03 +11:00
nulano
be0d0a3a48
fix finding raqm deps
2021-01-05 00:07:03 +11:00
nulano
3386a9ce02
replace tabs in thirdparty libs
2021-01-05 00:06:29 +11:00
nulano
d4403bec46
GHA: fix windows build for dynamic fribidi
2021-01-05 00:06:29 +11:00
nulano
5cd688fc82
add option to statically link fribidi, version info
2021-01-05 00:06:29 +11:00
nulano
9e5fc136b9
add Raqm license and readme
2021-01-05 00:03:52 +11:00
nulano
8bc1ff35b4
use FriBiDi shim in Raqm
2021-01-05 00:03:52 +11:00
nulano
e5e5761da4
add raqm to thirdparty directory
2021-01-04 23:57:31 +11:00
Esteban Gehring
930059814d
docs: add alpha channel to supported hex color specifiers
2021-01-04 13:42:15 +01:00
Andrew Murray
d374015504
Merge pull request #4770 from hugovk/clang-format-pganssle
...
ClangFormat the C code
2021-01-04 22:24:57 +11:00
Uriel Martinez
7f5dbb7c9b
Update src/PIL/Image.py
...
Co-authored-by: Andrew Murray <3112309+radarhere@users.noreply.github.com>
2021-01-02 21:57:24 -06:00
Andrew Murray
46b7e86bab
Format with ClangFormat
2021-01-03 14:17:51 +11:00
Hugo van Kemenade
e2d00f8cf8
Adjust clang-format style
2021-01-03 14:16:42 +11:00
Hugo van Kemenade
5d968accf5
Add clang-format style that approximates Python's PEP 7 from pganssle/zoneinfo
2021-01-03 14:16:42 +11:00
Andrew Murray
56e7d1fd9b
8.2.0.dev0 version bump
2021-01-03 07:14:59 +11:00
Eric Soroos
6b6c0b3692
Added docs for C-Extension debugging with valgrind [ci-skip]
2021-01-02 13:07:30 +01:00
Andrew Murray
fcc42e0d34
8.1.0 version bump
2021-01-02 22:39:02 +11:00
Andrew Murray
a99128052c
Update CHANGES.rst [ci skip]
2021-01-02 22:38:16 +11:00
Andrew Murray
470e48be4f
Merge pull request #5176 from radarhere/security
...
Document CVE fixes
2021-01-02 22:37:19 +11:00
Andrew Murray
cd316feead
Link to OSS-Fuzz [ci skip]
2021-01-02 22:09:07 +11:00
Andrew Murray
2711549503
Link to TideLift [ci skip]
2021-01-02 22:07:03 +11:00
Andrew Murray
d88fdcda06
Updated capitalisation [ci skip]
...
Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>
2021-01-02 22:00:35 +11:00
nulano
c5c0cd8914
document pillow-wheels PR180
2021-01-02 11:54:56 +01:00
Andrew Murray
95f99d52c4
Document CVE fixes [ci skip]
2021-01-02 21:27:50 +11:00
Andrew Murray
c8dd1c8422
Merge pull request #5175 from radarhere/tiff
...
Fix TIFF OOB Write error
2021-01-02 21:13:28 +11:00
Andrew Murray
0117694533
Merge pull request #5174 from radarhere/pcx
...
Fix for Read Overflow in PCX Decoding
2021-01-02 21:00:25 +11:00
Andrew Murray
120eea2e45
Merge pull request #5173 from radarhere/sgi
...
Fix for SGI Decode buffer overrun
2021-01-02 20:47:36 +11:00
Andrew Murray
903c67353d
Lint fix
2021-01-02 20:41:17 +11:00
Eric Soroos
2f409261eb
Fix for CVE CVE-2020-35655 - Read Overflow in PCX Decoding.
...
* Don't trust the image to specify a buffer size
2021-01-02 20:38:46 +11:00
wiredfool
45a62e91b1
Rework ReadTile
...
* Don't malloc for the swap line, just shuffle backwards
* Ensure that im->pixelsize is sanity checked
* Ensure that we're using the right size for the buffer from TiffReadRGBATile
2021-01-02 20:37:48 +11:00
wiredfool
eb8c1206d6
Fix CVE-2020-35654 - OOB Write in TiffDecode.c
...
* In some circumstances with some versions of libtiff (4.1.0+), there
could be a 4 byte out of bound write when decoding a YCbCr tiff.
* The Pillow code dates to 6.0.0
* Found and reported through Tidelift
2021-01-02 20:37:48 +11:00
Andrew Murray
0c39689690
Merge pull request #5171 from radarhere/makefile
...
Add #5159 to the release notes
2021-01-02 20:20:05 +11:00
Andrew Murray
1cbb12fb6e
Lint fix
2021-01-02 20:19:26 +11:00
Andrew Murray
aa390a5a79
Merge pull request #5172 from radarhere/security
...
Added release notes for #5149
2021-01-02 20:17:36 +11:00
Eric Soroos
9a2c9f722f
Make the SGI code return -1 as an error flag, error in state
2021-01-02 20:10:02 +11:00
Eric Soroos
7e95c63fa7
Fix for SGI Decode buffer overrun CVE-2020-35655
...
* Independently found by a contributor and sent to Tidelift, and by Google's OSS Fuzz.
2021-01-02 20:09:58 +11:00
Andrew Murray
6ffa37b85b
Document #5149 [ci skip]
2021-01-02 19:59:29 +11:00
Andrew Murray
e6ef8a6c09
Update CHANGES.rst [ci skip]
2021-01-02 19:58:03 +11:00
Andrew Murray
527409053f
Added deprecation message for install-venv
2021-01-02 19:40:03 +11:00
Hugo van Kemenade
07bbc46589
Merge pull request #5149 from wiredfool/gif_write_oob_read
2021-01-02 10:14:17 +02:00