python-pillow/Pillow
1
1
Fork 0
mirror of https://github.com/python-pillow/Pillow.git synced 2025-08-12 00:04:46 +03:00
Code Issues Packages Projects Releases Wiki Activity
9,019 Commits 51 Branches 94 Tags 313 MiB
76eb7d35ab
Commit Graph

9019 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Frederick Price
76eb7d35ab Update docs 2023-02-24 08:53:19 -05:00
Eric Soroos
297f7bc90c Fix OOB read in SgiRleDecode.c 
* From Pillow 4.3.0->8.1.0
* CVE-2021-25293

(cherry picked from commit 4853e522bd)
 2023-02-24 01:47:10 -05:00
Frederick Price
1184cbf916 Put CVE fix in for CVE-2022-22817 Restrict builtins for ImageMath.eval() 
Put in fixes from CVE
Update release documentation

Ensure all tests pass as before
 2023-02-22 18:51:28 -05:00
Emilie Yu
538ac8d360
Merge pull request #5 from ActiveState/BE-135-cve-2021-34552 
Use snprintf instead of sprintf
 2022-02-14 15:20:10 -08:00
wooken
ba4e824fb7 Use snprintf instead of sprintf 
This is fix for CVE-2021-34552

(cherry picked from commit 518ee3722a)
 2022-02-14 15:17:43 -08:00
Rick Price
04db0b815b
Merge pull request #4 from ActiveState/BE-133-cve-2021-25287 
BE-133 CVE-2021-25287, BE-134 CVE-2021-25288: Fix OOB Read in Jpeg2KDecode
 2022-02-14 13:08:29 -05:00
Emilie Yu
4b207548e0 CVE-2021-25287,CVE-2021-25288: Fix OOB Read in Jpeg2KDecode 2022-02-11 12:12:45 -08:00
Jeremy Paige
414de92fe3
Merge pull request #3 from ActiveState/jeremyp/cve-2021-25289 
CVE-2021-25291: fix TiffDecode heap-based buffer overflow
 2021-10-20 10:45:21 -07:00
Jeremy Paige
80d2d8ae09 CVE-2021-25291, CVE-2020-35654: fix TiffDecode heap-based buffer overflow 2021-10-18 14:04:51 -07:00
Jeremy Paige
d22b3879a4
Merge pull request #2 from ActiveState/jeremyp/cve-2020-11538 
CVE-2020-11538: fix SGI-RLE buffer overflow
 2021-10-12 13:21:49 -07:00
Jeremy Paige
18200ae9fd
Merge pull request #1 from zoofood/patch-1 
Added branding info/intent of fork.
 2021-10-08 15:48:30 -07:00
Jeremy Paige
eb81417e60 Version 6.2.2.1 2021-10-08 15:43:42 -07:00
Jeff Rouse
188525db91
Added branding info/intent of fork. 2021-10-08 13:08:13 -07:00
Jeremy Paige
c1c324c2b7 CVE-2020-11538: fix SGI-RLE buffer overflow 2021-09-27 18:21:59 -07:00
Andrew Murray
a45c8583ff Release notes for 6.2.2 2020-01-02 16:18:32 +11:00
Andrew Murray
83efad4875 6.2.2 version bump 2020-01-02 14:43:09 +11:00
Andrew Murray
4820f79e01 Added release notes [ci skip] 2020-01-02 14:39:50 +11:00
Andrew Murray
4e2def2539 Overflow checks for realloc for tiff decoding 2020-01-02 14:39:36 +11:00
Andrew Murray
a79b65c47c Catch SGI buffer overruns 2020-01-02 14:39:29 +11:00
Andrew Murray
93b22b846e Catch PCX P mode buffer overrun 2020-01-02 14:39:20 +11:00
Andrew Murray
a09acd0dec Catch FLI buffer overrun 2020-01-02 14:39:14 +11:00
Andrew Murray
774e53bb13 Raise an error for an invalid number of bands in FPX image 2020-01-02 14:39:05 +11:00
Andrew Murray
8892aecfbf Added security notes [ci skip] 2020-01-02 10:04:06 +11:00
Andrew Murray
46c35f06b1 Updated copyright year 2020-01-01 14:03:55 +11:00
Andrew Murray
f269b49cff
Merge pull request #4306 from radarhere/6.2.x_centos 
Added CentOS 8 to 6.2.x
 2019-12-27 07:09:35 +11:00
Andrew Murray
cc04ee7b5c Added CentOS 8 2019-12-26 21:20:19 +11:00
Andrew Murray
48908c94e8 Updated CI targets [ci skip] 2019-12-26 21:18:27 +11:00
Hugo van Kemenade
c8d620416f
Merge pull request #4300 from radarhere/6.2.x_python 
Test 6.2.x against Python 3.8 final
 2019-12-26 09:32:42 +02:00
Hugo van Kemenade
bde3e9cfc9
Merge pull request #4301 from radarhere/6.2.x_fedora 
Added Fedora 31 to 6.2.x
 2019-12-26 09:31:55 +02:00
Andrew Murray
c77171fea2 Added Fedora 31 2019-12-26 12:02:06 +11:00
Hugo
9fa34ecc2e Test on Python 3.8 2019-12-26 09:54:23 +11:00
Hugo
738bbd2641 Test on Python 3.8 2019-12-26 09:54:02 +11:00
Andrew Murray
71ffb52320
Merge pull request #4299 from hugovk/6.2.x-fix-lint 
6.2.x: Fix Lint
 2019-12-26 09:13:42 +11:00
Hugo
fe38d93250 Format with Black 19.10b0 2019-12-25 17:44:05 +02:00
Hugo van Kemenade
a9126faa7a
Use dedicated docker tag for 6.2.x (#4298) 
Use dedicated docker tag for 6.2.x
 2019-12-25 17:40:23 +02:00
Andrew Murray
89d6c84ba0 Removed EOL Fedora 29 2019-12-26 00:51:11 +11:00
Andrew Murray
fe8ba74f93
Removed EOL Fedora 29 
Co-Authored-By: Hugo van Kemenade <hugovk@users.noreply.github.com>
 2019-12-26 00:50:23 +11:00
Andrew Murray
7a0a2e966c Changed docker tag to 6.2.x 2019-12-25 23:41:45 +11:00
Hugo
6e0f07bbe3 Pillow 6.2.1 is the last to support Python 2.7 2019-10-21 09:05:44 +03:00
Hugo
39d26d3f90 6.2.1 version bump 2019-10-20 19:44:44 +03:00
Hugo
ee9e21aff1 Add release notes for Pillow 6.2.1 2019-10-20 18:38:59 +03:00
Hugo
efcfb91b71 Update CHANGES.rst [CI skip] 2019-10-20 18:37:04 +03:00
Hugo van Kemenade
f97c4ddb0a
6.2.x: Add support for Python 3.8 (#4151) 
6.2.x: Add support for Python 3.8
 2019-10-20 16:12:32 +03:00
Hugo
b78edcc9e4 Add support for Python 3.8 2019-10-20 13:11:45 +03:00
Andrew Murray
8a30d13537 Updated CHANGES.rst [ci skip] 2019-10-01 19:24:57 +10:00
Andrew Murray
75602d12e1 6.2.0 version bump 2019-10-01 19:23:32 +10:00
Andrew Murray
4756af9c10 Updated CHANGES.rst [ci skip] 2019-10-01 06:54:31 +10:00
Andrew Murray
cc16025e23
Merge pull request #4104 from radarhere/overrun 
Catch buffer overruns
 2019-09-30 23:33:28 +10:00
Andrew Murray
fb8470187a
Merge pull request #4034 from cgohlke/patch-1 
Initialize rows_per_strip when RowsPerStrip tag is missing
 2019-09-30 22:32:34 +10:00
Andrew Murray
b9693a51c9
Merge pull request #4103 from radarhere/dimension 
Raise error if TIFF dimension is a string
 2019-09-30 21:26:53 +10:00