Eric Soroos
480f6819b5
Fix Memory DOS in Icns, Ico and Blp Image Plugins
...
Some container plugins that could contain images of other formats,
such as the ICNS format, did not properly check the reported size of
the contained image. These images could cause arbitrarily large
memory allocations.
This is fixed for all locations where individual *ImageFile classes
are created without going through the usual Image.open method.
2021-03-06 10:19:14 +11:00
Hugo van Kemenade
b511d704ae
Merge pull request #5306 from radarhere/releasenotes
...
Added more CVE numbers to 8.1.1 release notes
2021-03-04 13:23:09 +02:00
Andrew Murray
b885af93cb
Added more CVE numbers [ci skip]
2021-03-04 17:33:47 +11:00
Andrew Murray
a1463ff211
Added release notes
2021-03-04 08:59:47 +11:00
Andrew Murray
7b09463809
Added IPythonViewer docstring
2021-03-04 08:56:49 +11:00
Kipkurui Mutai
5e0a4acb85
Update ImageShow.rst
2021-03-04 08:56:13 +11:00
Andrew Murray
f067fe4c05
Added import alias for clarity
2021-03-04 08:56:03 +11:00
Andrew Murray
346bfc9537
Added IPythonViewer
2021-03-04 08:55:24 +11:00
Luke Granger-Brown
852fd170f8
Fix -Wformat error in TiffDecode
...
src/libImaging/TiffDecode.c: In function ‘_tiffReadProc’:
src/libImaging/TiffDecode.c:59:58: error: format ‘%d’ expects argument of type ‘int’, but argument 3 has type ‘toff_t’ {aka ‘long unsigned int’} [-Werror=format=]
src/libImaging/TiffDecode.c:59:67: error: format ‘%d’ expects argument of type ‘int’, but argument 4 has type ‘toff_t’ {aka ‘long unsigned int’} [-Werror=format=]
2021-03-03 13:30:28 +00:00
Andrew Murray
4b73397bdf
Merge pull request #5303 from radarhere/releasenotes
...
Corrected list of relevant dependencies
2021-03-03 22:40:44 +11:00
Andrew Murray
944fd834db
Updated spelling [ci skip]
...
Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>
2021-03-03 22:38:24 +11:00
Andrew Murray
b959ee7885
Corrected list of relevant dependencies [ci skip]
2021-03-03 20:34:52 +11:00
Andrew Murray
0de08851e4
Merge pull request #5301 from hugovk/update-release-notes
...
Update release notes: formatting, links, spelling
2021-03-03 20:29:14 +11:00
Hugo van Kemenade
d0cf8ffef5
Fix filename spelling
...
Co-authored-by: Andrew Murray <3112309+radarhere@users.noreply.github.com>
2021-03-03 10:47:21 +02:00
Hugo van Kemenade
fbb825e3bf
Merge pull request #5302 from radarhere/libimagequant
2021-03-03 10:45:39 +02:00
Andrew Murray
4103b50852
Merge pull request #13 from nulano/libimagequant
...
Update libimagequant in winbuild
2021-03-03 10:43:07 +11:00
nulano
333fd06e90
update libimagequant in winbuild
2021-03-02 23:19:20 +01:00
Andrew Murray
f676b10813
Updated libimagequant to 2.14.1
2021-03-03 07:56:29 +11:00
Hugo van Kemenade
b23e261300
Merge pull request #67 from radarhere/update-release-notes
...
Expanded "OOB" to "out-of-bounds"
2021-03-02 15:12:11 +02:00
Andrew Murray
b41dab0e9b
Expanded "OOB" to "out-of-bounds" [ci skip]
2021-03-02 23:22:06 +11:00
Hugo van Kemenade
915f68967f
Update release notes formatting, links, spelling
2021-03-02 13:16:14 +02:00
Andrew Murray
e563366863
Merge pull request #5299 from heitbaum/patch-1
...
CHANGES.rst: update dates
2021-03-02 20:30:50 +11:00
heitbaum
8e887b62ac
CHANGES.rst: update dates
2021-03-02 20:09:23 +11:00
wiredfool
35f8fafdf5
Merge pull request #5198 from wiredfool/cifuzz
...
Add CIFuzz Github Action
2021-03-01 20:25:30 +00:00
wiredfool
c477bed95f
Merge pull request #5280 from cgohlke/patch-1
...
Fix suspicious sequence of types castings
2021-03-01 20:19:26 +00:00
Eric Soroos
3c96fbf908
Removed "Remove me" testing lines
2021-03-01 21:03:26 +01:00
Andrew Murray
a80cf42275
Added 8.1.1 release notes to index
2021-03-01 19:22:57 +11:00
Andrew Murray
fb4ae1ee3c
Update CHANGES.rst [ci skip]
2021-03-01 19:20:52 +11:00
Eric Soroos
c96eac1ca4
Credits
2021-03-01 19:05:23 +11:00
Eric Soroos
3f2b7d7140
Release notes for 8.1.1
2021-03-01 19:05:08 +11:00
Hugo van Kemenade
3bce145966
Use more specific regex chars to prevent ReDoS
...
* CVE-2021-25292
2021-03-01 19:04:57 +11:00
Eric Soroos
cbdce6c5d0
Fix for CVE-2021-25291
...
* Invalid tile boundaries lead to OOB Read in TiffDecode.c, in TiffReadRGBATile
* Check the tile validity before attempting to read.
2021-03-01 19:04:48 +11:00
Eric Soroos
86f02f7c70
Fix negative size read in TiffDecode.c
...
* Caught by oss-fuzz runs
* CVE-2021-25290
2021-03-01 19:04:42 +11:00
Eric Soroos
4853e522bd
Fix OOB read in SgiRleDecode.c
...
* From Pillow 4.3.0->8.1.0
* CVE-2021-25293
2021-03-01 19:04:19 +11:00
Eric Soroos
3fee28eb94
Incorrect error code checking in TiffDecode.c
...
* since Pillow 8.1.0
* CVE-2021-25289
2021-03-01 18:51:13 +11:00
wiredfool
e5839216a5
Merge pull request #5293 from wiredfool/valgrind_action
...
Add Valgrind GHA
2021-02-28 16:25:13 +00:00
Eric Soroos
aa0b982ef6
Added failure if out/crash-* exists
2021-02-28 17:17:33 +01:00
Eric Soroos
f74d046574
Removing the .yml files from the triggers
2021-02-28 17:09:27 +01:00
nulano
e4cc42265d
add Raqm build configuration info to build summary
2021-02-27 16:52:46 +01:00
nulano
70fb148fc4
fix merge
2021-02-27 15:14:00 +01:00
Eric Soroos
95884c6b2d
Run on .c/.h
2021-02-27 12:54:38 +01:00
Eric Soroos
3c2893cdf1
No coverage from the valgrind run
2021-02-27 12:00:18 +01:00
Eric Soroos
2d52a9fcf2
Syntax
2021-02-27 11:54:33 +01:00
Eric Soroos
061012c46a
Stage Title Change
2021-02-27 11:52:52 +01:00
Eric Soroos
f194d9e6e2
Keep errors if they're "known"
2021-02-27 11:46:19 +01:00
Eric Soroos
ba1555a485
syntax
2021-02-27 11:31:43 +01:00
Eric Soroos
cf5b9a77b3
Add Valgrind GHA
2021-02-27 11:22:26 +01:00
Hugo van Kemenade
a3f34e71ed
Merge pull request #5283 from radarhere/context_managers
...
Added context managers to documentation
2021-02-26 20:17:18 +02:00
Hugo van Kemenade
f73ead103e
Merge pull request #5288 from radarhere/numpy_builtins
2021-02-26 18:48:40 +02:00
Hugo van Kemenade
af4ef759d2
Merge pull request #5290 from radarhere/imageshow
...
Removed comment
2021-02-26 18:46:41 +02:00