mirror of
https://github.com/python-pillow/Pillow.git
synced 2024-09-21 11:28:58 +03:00
19 lines
617 B
ReStructuredText
19 lines
617 B
ReStructuredText
6.2.2
|
|
-----
|
|
|
|
Security
|
|
========
|
|
|
|
This release addresses several security problems (CVEs TBD), as well as addressing
|
|
CVE-2019-19911.
|
|
|
|
CVE-2019-19911 is regarding FPX images. If an image reports that it has a large number
|
|
of bands, a large amount of resources will be used when trying to process the
|
|
image. This is fixed by limiting the number of bands to those usable by Pillow.
|
|
|
|
Buffer overruns were found when processing an SGI, PCX or FLI image. Checks
|
|
have been added to prevent this.
|
|
|
|
Overflow checks have been added when calculating the size of a memory block to
|
|
be reallocated in the processing of a TIFF image.
|