mirror of
https://github.com/python-pillow/Pillow.git
synced 2025-01-13 18:56:17 +03:00
bae0c988e6
Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com>
28 lines
1.1 KiB
ReStructuredText
28 lines
1.1 KiB
ReStructuredText
8.1.2
|
|
-----
|
|
|
|
Security
|
|
========
|
|
|
|
:cve:`2021-27921`: There is an exhaustion of memory DOS in BLP images
|
|
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
|
|
|
There is an exhaustion of memory DOS in BLP images. where Pillow did not properly check the
|
|
reported size of the contained image. These images could cause arbitrarily large memory
|
|
allocations.
|
|
|
|
:cve:`2021-27922`: There is an exhaustion of memory DOS in ICNS images
|
|
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
|
|
|
There is an exhaustion of memory DOS in ICNS images where Pillow did not properly check the
|
|
reported size of the contained image. These images could cause arbitrarily large memory allocations.
|
|
|
|
:cve:`2021-27923`: There is an exhaustion of memory DOS in ICO images
|
|
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
|
|
|
There is an exhaustion of memory DOS in ICO images where Pillow did not properly check the reported
|
|
size of the contained image. These images could cause arbitrarily large memory allocations.
|
|
|
|
These were reported by Jiayi Lin, Luke Shaffer, Xinran Xie and
|
|
Akshay Ajayan of `Arizona State University <https://www.asu.edu/>`_.
|