python-pillow/Pillow
1
1
Fork 0
mirror of https://github.com/python-pillow/Pillow.git synced 2024-11-10 19:56:47 +03:00
Code Issues Packages Projects Releases Wiki Activity
3aefe92bdf
Pillow/docs/releasenotes/6.2.2.rst
pre-commit-ci[bot] 3aefe92bdf [pre-commit.ci] auto fixes from pre-commit.com hooks 
for more information, see https://pre-commit.ci
2024-03-15 10:01:42 -04:00

36 lines
1.3 KiB
ReStructuredText
Raw Blame History

6.2.2
-----
Security
========
This release fixes several buffer overruns and DOS attacks.
:cve:`2019-19911`: DOS attack vulnerability
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If an FPX image reports that it has a large number of bands, a large amount of
resources will be used when trying to process the image. This is fixed by
limiting the number of bands to those usable by Pillow.
:cve:`2020-5310`: Overflow checks added to TIFF image processing
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Overflow checks have been added when calculating the size of a memory block to be reallocated
in the processing of a TIFF image.
:cve:`2020-5311`: Overflow checks added to SGI image processing
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Buffer overruns were found when processing an SGI image. Checks have been added to prevent this.
:cve:`2020-5312`: Overflow checks added to PCX image processing
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Buffer overruns were found when processing a PCX image. Checks have been added to prevent this.
:cve:`2020-5313`: Overflow checks added to FLI image processing
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Buffer overruns were found when processing an FLI image. Checks have been added to prevent this.
Reference in New Issue View Git Blame Copy Permalink