Commit Graph

11804 Commits

Author SHA1 Message Date
Andrew Murray
46b7e86bab Format with ClangFormat 2021-01-03 14:17:51 +11:00
Hugo van Kemenade
e2d00f8cf8 Adjust clang-format style 2021-01-03 14:16:42 +11:00
Hugo van Kemenade
5d968accf5 Add clang-format style that approximates Python's PEP 7 from pganssle/zoneinfo 2021-01-03 14:16:42 +11:00
Andrew Murray
56e7d1fd9b 8.2.0.dev0 version bump 2021-01-03 07:14:59 +11:00
Eric Soroos
6b6c0b3692 Added docs for C-Extension debugging with valgrind [ci-skip] 2021-01-02 13:07:30 +01:00
Andrew Murray
fcc42e0d34 8.1.0 version bump 2021-01-02 22:39:02 +11:00
Andrew Murray
a99128052c Update CHANGES.rst [ci skip] 2021-01-02 22:38:16 +11:00
Andrew Murray
470e48be4f
Merge pull request #5176 from radarhere/security
Document CVE fixes
2021-01-02 22:37:19 +11:00
Andrew Murray
cd316feead Link to OSS-Fuzz [ci skip] 2021-01-02 22:09:07 +11:00
Andrew Murray
2711549503 Link to TideLift [ci skip] 2021-01-02 22:07:03 +11:00
Andrew Murray
d88fdcda06
Updated capitalisation [ci skip]
Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>
2021-01-02 22:00:35 +11:00
nulano
c5c0cd8914 document pillow-wheels PR180 2021-01-02 11:54:56 +01:00
Andrew Murray
95f99d52c4 Document CVE fixes [ci skip] 2021-01-02 21:27:50 +11:00
Andrew Murray
c8dd1c8422
Merge pull request #5175 from radarhere/tiff
Fix TIFF OOB Write error
2021-01-02 21:13:28 +11:00
Andrew Murray
0117694533
Merge pull request #5174 from radarhere/pcx
Fix for Read Overflow in PCX Decoding
2021-01-02 21:00:25 +11:00
Andrew Murray
120eea2e45
Merge pull request #5173 from radarhere/sgi
Fix for SGI Decode buffer overrun
2021-01-02 20:47:36 +11:00
Andrew Murray
903c67353d Lint fix 2021-01-02 20:41:17 +11:00
Eric Soroos
2f409261eb Fix for CVE CVE-2020-35655 - Read Overflow in PCX Decoding.
* Don't trust the image to specify a buffer size
2021-01-02 20:38:46 +11:00
wiredfool
45a62e91b1 Rework ReadTile
* Don't malloc for the swap line, just shuffle backwards
* Ensure that im->pixelsize is sanity checked
* Ensure that we're using the right size for the buffer from TiffReadRGBATile
2021-01-02 20:37:48 +11:00
wiredfool
eb8c1206d6 Fix CVE-2020-35654 - OOB Write in TiffDecode.c
* In some circumstances with some versions of libtiff (4.1.0+), there
  could be a 4 byte out of bound write when decoding a YCbCr tiff.
* The Pillow code dates to 6.0.0
* Found and reported through Tidelift
2021-01-02 20:37:48 +11:00
Andrew Murray
0c39689690
Merge pull request #5171 from radarhere/makefile
Add #5159 to the release notes
2021-01-02 20:20:05 +11:00
Andrew Murray
1cbb12fb6e Lint fix 2021-01-02 20:19:26 +11:00
Andrew Murray
aa390a5a79
Merge pull request #5172 from radarhere/security
Added release notes for #5149
2021-01-02 20:17:36 +11:00
Eric Soroos
9a2c9f722f Make the SGI code return -1 as an error flag, error in state 2021-01-02 20:10:02 +11:00
Eric Soroos
7e95c63fa7 Fix for SGI Decode buffer overrun CVE-2020-35655
* Independently found by a contributor and sent to Tidelift, and by Google's OSS Fuzz.
2021-01-02 20:09:58 +11:00
Andrew Murray
6ffa37b85b Document #5149 [ci skip] 2021-01-02 19:59:29 +11:00
Andrew Murray
e6ef8a6c09 Update CHANGES.rst [ci skip] 2021-01-02 19:58:03 +11:00
Andrew Murray
527409053f Added deprecation message for install-venv 2021-01-02 19:40:03 +11:00
Hugo van Kemenade
07bbc46589
Merge pull request #5149 from wiredfool/gif_write_oob_read 2021-01-02 10:14:17 +02:00
Andrew Murray
01cad6bcad Update CHANGES.rst [ci skip] 2021-01-02 11:24:20 +11:00
Andrew Murray
852503a4a3 Document #5159 [ci skip] 2021-01-02 11:00:33 +11:00
Andrew Murray
312213723d
Merge pull request #5159 from wiredfool/makefile_updates
Makefile updates
2021-01-02 10:57:13 +11:00
Hugo van Kemenade
06b0d3905e
Merge pull request #5170 from radarhere/pyside6
Document #5161 in release notes
2021-01-02 01:01:58 +02:00
Andrew Murray
6f3670df4d
Updated description 2021-01-02 09:46:03 +11:00
Andrew Murray
3808aee4e6 Document #5161 [ci skip] 2021-01-02 09:39:04 +11:00
Andrew Murray
8e948d066a Update CHANGES.rst [ci skip] 2021-01-02 09:34:31 +11:00
Andrew Murray
f54ea8fadd
Merge pull request #5161 from hugovk/add-pyside6
Add support for PySide6
2021-01-02 09:33:16 +11:00
Hugo van Kemenade
effa65cb38 Refactor 2021-01-01 20:37:16 +02:00
Hugo van Kemenade
4e3dc9a06b Add support for PySide6 2021-01-01 20:34:44 +02:00
Hugo van Kemenade
11e63b6a64
Merge pull request #5167 from radarhere/pyside2
Moved QApplication into one test
2021-01-01 20:28:31 +02:00
wiredfool
a955e97625
Merge pull request #5 from radarhere/makefile_updates
Added isort to lint-fix
2021-01-01 13:02:01 +00:00
Andrew Murray
4f28ed3956 Changed tabs to spaces for consistency 2021-01-01 23:32:46 +11:00
Andrew Murray
78a051470c Added isort to lint-fix 2021-01-01 15:54:53 +11:00
Andrew Murray
db3b5108dc Changed MP Type to match #1631 image 2021-01-01 13:00:01 +11:00
Andrew Murray
6175389186 Only read different sizes for "Large Thumbnail" frames 2021-01-01 12:45:02 +11:00
Andrew Murray
62693b7c54 Moved QApplication into one test 2021-01-01 11:33:20 +11:00
Hugo van Kemenade
41462d8c55
Merge pull request #5166 from radarhere/copyright
Updated copyright year
2021-01-01 00:54:25 +02:00
Andrew Murray
d7350bd403 Update CHANGES.rst [ci skip] 2021-01-01 09:06:32 +11:00
Eric Soroos
31b6e80f6e lint-fix target, currently including black 2020-12-31 16:39:10 +01:00
Eric Soroos
35c396c1e6 the other pip invocation 2020-12-31 16:38:57 +01:00