Commit Graph

11263 Commits

Author SHA1 Message Date
Eric Soroos
ad37e86c40 DecompressionBombError is now an option 2021-03-15 00:21:18 +01:00
Eric Soroos
83dabda6b2 Clean up comments and filters 2021-03-15 00:18:07 +01:00
Eric Soroos
d45247eb66 Add decompression bomb error to font fuzzer 2021-03-15 00:14:43 +01:00
Eric Soroos
76e0422eb7 Isort linted that there's an extra line, which black didn't worry about 2021-03-14 14:13:37 +01:00
Eric Soroos
862e3b9d8e Apparently, it's a keyword-only parameter 2021-03-14 14:11:48 +01:00
Eric Soroos
961b2c0242 True 2021-03-14 14:03:41 +01:00
Eric Soroos
487dc16ce6 Can't skip windows properly because the dependency is in the decorator 2021-03-14 13:57:24 +01:00
Eric Soroos
bb6b991d8d no colors anymore, they want them to turn black 2021-03-14 13:49:36 +01:00
Eric Soroos
0ea13132a2 Overflow error shows up in x86 2021-03-14 13:42:16 +01:00
Eric Soroos
6189bca3bc Skip fuzzer tests on windows 2021-03-14 13:42:16 +01:00
Eric Soroos
8b06fec6ab linty bits 2021-03-14 13:14:39 +01:00
Eric Soroos
c17ce801cf I see a python file and I want to paint it black 2021-03-14 13:02:48 +01:00
Eric Soroos
6d6ef4a539 Ignore the pyinstaller spec files 2021-03-14 13:01:27 +01:00
Eric Soroos
becd633d3f Refactor fuzzers, add fuzzer tests 2021-03-14 13:01:27 +01:00
Eric Soroos
e2577d1736 font fuzzer 2021-03-13 11:35:50 +01:00
Eric Soroos
38692f222f Delegate building of oss-fuzz versions to pillow 2021-03-13 11:12:05 +01:00
Hugo van Kemenade
f15f573e51
Merge pull request #5224 from radarhere/mapper 2021-03-07 11:51:46 +02:00
Hugo van Kemenade
a95fee0475
Merge pull request #5215 from radarhere/license
Document license for several fonts
2021-03-07 11:41:56 +02:00
Hugo van Kemenade
f9b830f058
Merge pull request #5214 from radarhere/pcx
Handle PCX images with an odd stride
2021-03-07 11:41:14 +02:00
Hugo van Kemenade
95986f38da
Merge pull request #5168 from radarhere/mpo 2021-03-07 11:38:36 +02:00
Andrew Murray
1d7cbeb338 Update CHANGES.rst [ci skip] 2021-03-06 13:26:09 +11:00
Andrew Murray
f2ea25780a Added release notes for 8.1.2 2021-03-06 13:25:36 +11:00
Andrew Murray
5269ab13a7 Lint fix 2021-03-06 10:20:01 +11:00
Eric Soroos
480f6819b5 Fix Memory DOS in Icns, Ico and Blp Image Plugins
Some container plugins that could contain images of other formats,
such as the ICNS format, did not properly check the reported size of
the contained image. These images could cause arbitrarily large
memory allocations.

This is fixed for all locations where individual *ImageFile classes
are created without going through the usual Image.open method.
2021-03-06 10:19:14 +11:00
Hugo van Kemenade
b511d704ae
Merge pull request #5306 from radarhere/releasenotes
Added more CVE numbers to 8.1.1 release notes
2021-03-04 13:23:09 +02:00
Andrew Murray
b885af93cb Added more CVE numbers [ci skip] 2021-03-04 17:33:47 +11:00
Andrew Murray
4b73397bdf
Merge pull request #5303 from radarhere/releasenotes
Corrected list of relevant dependencies
2021-03-03 22:40:44 +11:00
Andrew Murray
944fd834db
Updated spelling [ci skip]
Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>
2021-03-03 22:38:24 +11:00
Andrew Murray
b959ee7885 Corrected list of relevant dependencies [ci skip] 2021-03-03 20:34:52 +11:00
Andrew Murray
0de08851e4
Merge pull request #5301 from hugovk/update-release-notes
Update release notes: formatting, links, spelling
2021-03-03 20:29:14 +11:00
Hugo van Kemenade
d0cf8ffef5
Fix filename spelling
Co-authored-by: Andrew Murray <3112309+radarhere@users.noreply.github.com>
2021-03-03 10:47:21 +02:00
Hugo van Kemenade
fbb825e3bf
Merge pull request #5302 from radarhere/libimagequant 2021-03-03 10:45:39 +02:00
Andrew Murray
4103b50852
Merge pull request #13 from nulano/libimagequant
Update libimagequant in winbuild
2021-03-03 10:43:07 +11:00
nulano
333fd06e90 update libimagequant in winbuild 2021-03-02 23:19:20 +01:00
Andrew Murray
f676b10813 Updated libimagequant to 2.14.1 2021-03-03 07:56:29 +11:00
Hugo van Kemenade
b23e261300
Merge pull request #67 from radarhere/update-release-notes
Expanded "OOB" to "out-of-bounds"
2021-03-02 15:12:11 +02:00
Andrew Murray
b41dab0e9b Expanded "OOB" to "out-of-bounds" [ci skip] 2021-03-02 23:22:06 +11:00
Hugo van Kemenade
915f68967f Update release notes formatting, links, spelling 2021-03-02 13:16:14 +02:00
Andrew Murray
e563366863
Merge pull request #5299 from heitbaum/patch-1
CHANGES.rst: update dates
2021-03-02 20:30:50 +11:00
heitbaum
8e887b62ac
CHANGES.rst: update dates 2021-03-02 20:09:23 +11:00
wiredfool
35f8fafdf5
Merge pull request #5198 from wiredfool/cifuzz
Add CIFuzz Github Action
2021-03-01 20:25:30 +00:00
wiredfool
c477bed95f
Merge pull request #5280 from cgohlke/patch-1
Fix suspicious sequence of types castings
2021-03-01 20:19:26 +00:00
Eric Soroos
3c96fbf908 Removed "Remove me" testing lines 2021-03-01 21:03:26 +01:00
Andrew Murray
a80cf42275 Added 8.1.1 release notes to index 2021-03-01 19:22:57 +11:00
Andrew Murray
fb4ae1ee3c Update CHANGES.rst [ci skip] 2021-03-01 19:20:52 +11:00
Eric Soroos
c96eac1ca4 Credits 2021-03-01 19:05:23 +11:00
Eric Soroos
3f2b7d7140 Release notes for 8.1.1 2021-03-01 19:05:08 +11:00
Hugo van Kemenade
3bce145966 Use more specific regex chars to prevent ReDoS
* CVE-2021-25292
2021-03-01 19:04:57 +11:00
Eric Soroos
cbdce6c5d0 Fix for CVE-2021-25291
* Invalid tile boundaries lead to OOB Read in TiffDecode.c, in TiffReadRGBATile
* Check the tile validity before attempting to read.
2021-03-01 19:04:48 +11:00
Eric Soroos
86f02f7c70 Fix negative size read in TiffDecode.c
* Caught by oss-fuzz runs
* CVE-2021-25290
2021-03-01 19:04:42 +11:00