Pillow

python-pillow/Pillow

Fork 0

mirror of https://github.com/python-pillow/Pillow.git synced 2024-09-21 19:38:57 +03:00

Commit Graph

Author	SHA1	Message	Date
wiredfool	eb8c1206d6	Fix CVE-2020-35654 - OOB Write in TiffDecode.c * In some circumstances with some versions of libtiff (4.1.0+), there could be a 4 byte out of bound write when decoding a YCbCr tiff. * The Pillow code dates to 6.0.0 * Found and reported through Tidelift	2021-01-02 20:37:48 +11:00

Author

SHA1

Message

Date

wiredfool

eb8c1206d6

Fix CVE-2020-35654 - OOB Write in TiffDecode.c

* In some circumstances with some versions of libtiff (4.1.0+), there
  could be a 4 byte out of bound write when decoding a YCbCr tiff.
* The Pillow code dates to 6.0.0
* Found and reported through Tidelift

2021-01-02 20:37:48 +11:00

1 Commits