Commit Graph

11102 Commits

Author SHA1 Message Date
Andrew Murray
7b4b356fc0 Test for incorrect PixelAccess arguments 2021-01-14 22:09:11 +11:00
Andrew Murray
bdbf1694fc Allow PixelAccess to use Python __int__ when parsing x and y 2021-01-14 21:31:25 +11:00
Andrew Murray
543fa2ceb7
Merge pull request #5194 from radarhere/python310
PyModule_AddObject fix for Python 3.10
2021-01-12 21:53:54 +11:00
Hugo van Kemenade
2ffbd5f7f7
Merge pull request #5200 from radarhere/handbook
Removed broken link
2021-01-10 12:29:28 +02:00
Andrew Murray
eb2a0622a3 Removed broken link 2021-01-10 08:26:45 +11:00
Hugo van Kemenade
e406bd5c84
Merge pull request #5197 from radarhere/getcolors
getcolors() returns colors in the image mode
2021-01-09 20:19:54 +02:00
Andrew Murray
f9c283468d Added import test 2021-01-09 23:04:32 +11:00
Hugo van Kemenade
3dd8c981db
Merge pull request #5196 from radarhere/example
Changed example image file name
2021-01-09 13:43:33 +02:00
Hugo van Kemenade
87cfbfc81b
Merge pull request #5195 from radarhere/macos_version
Updated macOS tested Pillow versions
2021-01-09 13:43:14 +02:00
Andrew Murray
4eccadced4 Document that getcolors() returns colors in the image mode [ci skip] 2021-01-09 21:30:16 +11:00
Andrew Murray
a6fc7a5320 Changed example image file name [ci skip] 2021-01-09 21:14:02 +11:00
Andrew Murray
cda2a2479e Updated macOS tested Pillow versions [ci skip] 2021-01-09 21:00:56 +11:00
Andrew Murray
cf190a3c2f PyModule_AddObject fix for Python 3.10 2021-01-09 12:17:57 +11:00
Andrew Murray
2bbb82a019 Added import test 2021-01-09 12:13:00 +11:00
wiredfool
cfff80ad76
Merge pull request #5177 from wiredfool/debugging_notes
Added docs for C-Extension debugging with valgrind
2021-01-07 13:06:22 +00:00
wiredfool
d1eccf8a6e
Merge pull request #5187 from radarhere/python3
Use python3 for GH Actions
2021-01-07 13:06:06 +00:00
wiredfool
75cee40299
Merge pull request #5189 from wiredfool/oss-fuzz-support
In tree oss-fuzz support
2021-01-07 12:37:14 +00:00
Andrew Murray
eaeaa181dd
Removed unused import 2021-01-07 23:18:24 +11:00
Eric Soroos
37a7c601cc uglify 2021-01-07 13:07:28 +01:00
Eric Soroos
ffbaa6523d Internal support for oss-fuzz testing 2021-01-07 12:55:11 +01:00
Andrew Murray
2e5d7dd387 Use python3 2021-01-06 22:42:31 +11:00
mergify[bot]
8ca24cea71
Merge pull request #5186 from nulano/test-with-python3
CI: Use python3 in .ci/test.sh
2021-01-06 10:30:04 +00:00
nulano
a9f31ffee3 use python3 in .ci/test.sh 2021-01-06 10:59:03 +01:00
Andrew Murray
2c41413b93
Merge pull request #5179 from nulano/wheels-180
Release notes for LibTIFF update in pillow-wheels
2021-01-05 20:38:32 +11:00
Andrew Murray
d374015504
Merge pull request #4770 from hugovk/clang-format-pganssle
ClangFormat the C code
2021-01-04 22:24:57 +11:00
Andrew Murray
46b7e86bab Format with ClangFormat 2021-01-03 14:17:51 +11:00
Hugo van Kemenade
e2d00f8cf8 Adjust clang-format style 2021-01-03 14:16:42 +11:00
Hugo van Kemenade
5d968accf5 Add clang-format style that approximates Python's PEP 7 from pganssle/zoneinfo 2021-01-03 14:16:42 +11:00
Andrew Murray
56e7d1fd9b 8.2.0.dev0 version bump 2021-01-03 07:14:59 +11:00
Eric Soroos
6b6c0b3692 Added docs for C-Extension debugging with valgrind [ci-skip] 2021-01-02 13:07:30 +01:00
Andrew Murray
fcc42e0d34 8.1.0 version bump 2021-01-02 22:39:02 +11:00
Andrew Murray
a99128052c Update CHANGES.rst [ci skip] 2021-01-02 22:38:16 +11:00
Andrew Murray
470e48be4f
Merge pull request #5176 from radarhere/security
Document CVE fixes
2021-01-02 22:37:19 +11:00
Andrew Murray
cd316feead Link to OSS-Fuzz [ci skip] 2021-01-02 22:09:07 +11:00
Andrew Murray
2711549503 Link to TideLift [ci skip] 2021-01-02 22:07:03 +11:00
Andrew Murray
d88fdcda06
Updated capitalisation [ci skip]
Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>
2021-01-02 22:00:35 +11:00
nulano
c5c0cd8914 document pillow-wheels PR180 2021-01-02 11:54:56 +01:00
Andrew Murray
95f99d52c4 Document CVE fixes [ci skip] 2021-01-02 21:27:50 +11:00
Andrew Murray
c8dd1c8422
Merge pull request #5175 from radarhere/tiff
Fix TIFF OOB Write error
2021-01-02 21:13:28 +11:00
Andrew Murray
0117694533
Merge pull request #5174 from radarhere/pcx
Fix for Read Overflow in PCX Decoding
2021-01-02 21:00:25 +11:00
Andrew Murray
120eea2e45
Merge pull request #5173 from radarhere/sgi
Fix for SGI Decode buffer overrun
2021-01-02 20:47:36 +11:00
Andrew Murray
903c67353d Lint fix 2021-01-02 20:41:17 +11:00
Eric Soroos
2f409261eb Fix for CVE CVE-2020-35655 - Read Overflow in PCX Decoding.
* Don't trust the image to specify a buffer size
2021-01-02 20:38:46 +11:00
wiredfool
45a62e91b1 Rework ReadTile
* Don't malloc for the swap line, just shuffle backwards
* Ensure that im->pixelsize is sanity checked
* Ensure that we're using the right size for the buffer from TiffReadRGBATile
2021-01-02 20:37:48 +11:00
wiredfool
eb8c1206d6 Fix CVE-2020-35654 - OOB Write in TiffDecode.c
* In some circumstances with some versions of libtiff (4.1.0+), there
  could be a 4 byte out of bound write when decoding a YCbCr tiff.
* The Pillow code dates to 6.0.0
* Found and reported through Tidelift
2021-01-02 20:37:48 +11:00
Andrew Murray
0c39689690
Merge pull request #5171 from radarhere/makefile
Add #5159 to the release notes
2021-01-02 20:20:05 +11:00
Andrew Murray
1cbb12fb6e Lint fix 2021-01-02 20:19:26 +11:00
Andrew Murray
aa390a5a79
Merge pull request #5172 from radarhere/security
Added release notes for #5149
2021-01-02 20:17:36 +11:00
Eric Soroos
9a2c9f722f Make the SGI code return -1 as an error flag, error in state 2021-01-02 20:10:02 +11:00
Eric Soroos
7e95c63fa7 Fix for SGI Decode buffer overrun CVE-2020-35655
* Independently found by a contributor and sent to Tidelift, and by Google's OSS Fuzz.
2021-01-02 20:09:58 +11:00