Pillow

python-pillow/Pillow

Fork 0

mirror of https://github.com/python-pillow/Pillow.git synced 2024-12-26 09:56:17 +03:00

Commit Graph

Author	SHA1	Message	Date
wiredfool	eb8c1206d6	Fix CVE-2020-35654 - OOB Write in TiffDecode.c * In some circumstances with some versions of libtiff (4.1.0+), there could be a 4 byte out of bound write when decoding a YCbCr tiff. * The Pillow code dates to 6.0.0 * Found and reported through Tidelift	2021-01-02 20:37:48 +11:00
Andrew Murray	26bf1c3524	Moved CVE images to pillow-depends	2020-09-23 00:14:40 +10:00

Author

SHA1

Message

Date

wiredfool

eb8c1206d6

Fix CVE-2020-35654 - OOB Write in TiffDecode.c

* In some circumstances with some versions of libtiff (4.1.0+), there
  could be a 4 byte out of bound write when decoding a YCbCr tiff.
* The Pillow code dates to 6.0.0
* Found and reported through Tidelift

2021-01-02 20:37:48 +11:00

Andrew Murray

26bf1c3524

Moved CVE images to pillow-depends

2020-09-23 00:14:40 +10:00

2 Commits