Pillow

mirror of https://github.com/python-pillow/Pillow.git synced 2024-11-11 04:07:21 +03:00

Author	SHA1	Message	Date
Andrew Murray	a3dbee9f08	Cover horizontal lines both increasing in x	2021-04-11 12:41:33 +10:00
Andrew Murray	006de79d60	Use assert_image_equal_tofile	2021-04-11 12:41:33 +10:00
Tsung-Po Sun	9a4b1301de	Modify test code	2021-04-11 12:41:33 +10:00
Tsung-Po Sun	87e7e88591	fix lint	2021-04-11 12:41:32 +10:00
Tsung-Po Sun	df0273e024	Reformat	2021-04-11 12:41:32 +10:00
Tsung-Po Sun	324d934128	Remove spaces	2021-04-11 12:41:32 +10:00
Tsung-Po Sun	824d2fa4f3	Add test	2021-04-11 12:41:32 +10:00
Andrew Murray	5491bd5eda	Merge parallel horizontal edges in ImagingDrawPolygon	2021-04-11 12:41:32 +10:00
wiredfool	fe668716ed	Merge pull request #5397 from wiredfool/valgrind_fixes Valgrind fixes	2021-04-10 19:15:17 +01:00
Eric Soroos	75c60bd6bb	Can't install valgrind in requirements, breaks doc building	2021-04-10 17:47:18 +02:00
Eric Soroos	1c872a9eda	lint stuff	2021-04-10 16:58:01 +02:00
Eric Soroos	af6fb9c518	xfail the fuzzer check as well	2021-04-10 12:03:39 +02:00
Eric Soroos	c94f66ad13	make sure we return a mark decorator	2021-04-10 12:03:15 +02:00
Eric Soroos	a3a69c8385	conditional mark for valgrind ignore	2021-04-09 23:53:24 +02:00
Andrew Murray	356681faae	Merge pull request #5393 from hugovk/test-redos Add test for CVE-2021-25292 ReDoS	2021-04-09 23:34:11 +10:00
Eric Soroos	441e6426ae	Initialize buffer with 0, fixes valgrind undefined behavior issues	2021-04-09 13:41:23 +02:00
Eric Soroos	43aa6ade6f	Local valgrind test target	2021-04-09 13:39:28 +02:00
Hugo van Kemenade	b01fd46fe6	Merge pull request #5395 from radarhere/python3	2021-04-09 13:43:45 +03:00
Andrew Murray	714d6c8cd3	Removed shebang line	2021-04-09 19:10:53 +10:00
Andrew Murray	b8c8375d0c	Use python3 in shebang line	2021-04-09 19:10:36 +10:00
Hugo van Kemenade	bde149be38	Add test for CVE-2021-25292 ReDoS	2021-04-08 23:53:22 +03:00
Hugo van Kemenade	75c111903c	Merge pull request #5382 from radarhere/rounded_rectangle Round down the radius in rounded_rectangle	2021-04-07 19:31:19 +03:00
Andrew Murray	97207a8b19	Update CHANGES.rst [ci skip]	2021-04-07 19:20:35 +10:00
Hugo van Kemenade	eeddc06305	Merge pull request #5383 from radarhere/dds	2021-04-07 12:15:02 +03:00
Andrew Murray	d06871d543	Set mode of three channel uncompressed RGB data to RGB	2021-04-05 17:58:02 +10:00
Andrew Murray	6f87faf0ee	Reversed rawmode for uncompressed RGB data	2021-04-05 17:54:34 +10:00
Andrew Murray	92edc29439	Round down the radius in rounded_rectangle	2021-04-05 08:54:06 +10:00
Hugo van Kemenade	e2ac1d1c34	Merge pull request #5380 from radarhere/accept	2021-04-03 16:23:39 +03:00
Andrew Murray	60da129d4b	Replaced register_open lambdas with _accept method for consistency	2021-04-03 21:51:28 +11:00
Andrew Murray	d4f9c6e082	Renamed register_open accept methods for consistency	2021-04-03 21:51:23 +11:00
Hugo van Kemenade	ee079ae67e	Merge pull request #5378 from radarhere/fedora Removed Fedora 32 docker job	2021-04-02 13:10:36 +03:00
Andrew Murray	ed8064df22	Removed Fedora 32 docker job	2021-04-02 18:07:03 +11:00
Hugo van Kemenade	330f77ae7a	8.3.0.dev0 version bump	2021-04-01 23:56:43 +03:00
Hugo van Kemenade	e0e353c0ef	8.2.0 version bump	2021-04-01 20:58:27 +03:00
Hugo van Kemenade	ee635befc6	Merge pull request #5377 from hugovk/security-and-release-notes Security fixes for 8.2.0	2021-04-01 20:00:22 +03:00
Hugo van Kemenade	694c84f88f	Fix typo [ci skip] Co-authored-by: Andrew Murray <3112309+radarhere@users.noreply.github.com>	2021-04-01 20:00:13 +03:00
Hugo van Kemenade	8febdad8dd	Review, typos and lint	2021-04-01 17:41:46 +03:00
Hugo van Kemenade	fea419665b	Reorder, roughly alphabetic	2021-04-01 17:26:24 +03:00
Eric Soroos	496245aa43	Fix BLP DOS -- CVE-2021-28678 * BlpImagePlugin did not properly check that reads after jumping to file offsets returned data. This could lead to a DOS where the decoder could be run a large number of times on empty data * This dates to Pillow 5.1.0	2021-04-01 17:17:35 +03:00
Eric Soroos	22e9bee4ef	Fix DOS in PSDImagePlugin -- CVE-2021-28675 * PSDImagePlugin did not sanity check the number of input layers and vs the size of the data block, this could lead to a DOS on Image.open prior to Image.load. * This issue dates to the PIL fork	2021-04-01 17:17:31 +03:00
Eric Soroos	ba65f0b08e	Fix Memory DOS in ImageFont * A corrupt or specially crafted TTF font could have font metrics that lead to unreasonably large sizes when rendering text in font. ImageFont.py did not check the image size before allocating memory for it. * Found with oss-fuzz * This dates from the PIL fork	2021-04-01 17:17:27 +03:00
Eric Soroos	bb6c11fb88	Fix FLI DOS -- CVE-2021-28676 * FliDecode did not properly check that the block advance was non-zero, potentally leading to an infinite loop on load. * This dates to the PIL Fork * Found with oss-fuzz	2021-04-01 17:17:23 +03:00
Eric Soroos	5a5e6db0ab	Fix EPS DOS on _open -- CVE-2021-28677 * The readline used in EPS has to deal with any combination of \r and \n as line endings. It used an accidentally quadratic method of accumulating lines while looking for a line ending. * A malicious EPS file could use this to perform a DOS of Pillow in the open phase, before an image was accepted for opening. * This dates to the PIL Fork	2021-04-01 17:17:18 +03:00
Eric Soroos	3bf5eddb89	Fix OOB Read in Jpeg2KDecode CVE-2021-25287,CVE-2021-25288 * For J2k images with multiple bands, it's legal in to have different widths for each band, e.g. 1 byte for L, 4 bytes for A * This dates to Pillow 2.4.0	2021-04-01 17:17:13 +03:00
Hugo van Kemenade	8ec027867f	Add security release notes	2021-04-01 17:15:44 +03:00
Hugo van Kemenade	ef5f294d74	Merge pull request #5376 from radarhere/xmp	2021-04-01 15:38:11 +03:00
Andrew Murray	ae7110a85d	Added release notes [ci skip]	2021-04-01 23:18:30 +11:00
Andrew Murray	e12d5042ad	Adjusted docstring	2021-04-01 22:28:42 +11:00
Andrew Murray	2c8684c525	Moved getxmp() into JpegImageFile	2021-04-01 22:28:37 +11:00
Andrew Murray	43c41720e9	Update CHANGES.rst [ci skip]	2021-04-01 21:40:53 +11:00

1 2 3 4 5 ...

11555 Commits