Python Imaging Library (Fork)
Frederick Price 8400b37ab5 BE-584 Cherrypick the fix for CVE-2021-27921
Original comment:

Fix Memory DOS in Icns, Ico and Blp Image Plugins

Some container plugins that could contain images of other formats,
such as the ICNS format, did not properly check the reported size of
the contained image. These images could cause arbitrarily large
memory allocations.

This is fixed for all locations where individual *ImageFile classes
are created without going through the usual Image.open method.

(cherry picked from commit 480f6819b5)

Also fixed problems caused by the changes.

Document CVE fix
2023-03-01 11:58:24 -05:00
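
The size check the commit message describes can also be applied before an untrusted file reaches the decoder. The sketch below is an added example, not code from this repository or from the cherry-picked commit: it reads the dimensions declared by each PNG frame embedded in an ICO container and flags those above a pixel budget. The function names and the constructed sample are assumptions; the limit is set to Pillow's default ``Image.MAX_IMAGE_PIXELS`` value.

```python
import struct

PNG_MAGIC = b"\x89PNG\r\n\x1a\n"
MAX_PIXELS = 89478485  # assumption: same budget as Pillow's default MAX_IMAGE_PIXELS


def embedded_png_sizes(ico):
    """Yield the (width, height) declared by each PNG frame inside an ICO blob."""
    reserved, kind, count = struct.unpack_from("<HHH", ico, 0)
    if reserved != 0 or kind != 1:
        raise ValueError("not an ICO file")
    for i in range(count):
        # 16-byte directory entry; the last two fields are frame length and offset.
        entry = struct.unpack_from("<BBBBHHII", ico, 6 + 16 * i)
        length, offset = entry[6], entry[7]
        frame = ico[offset:offset + length]
        # The directory's one-byte width/height cannot describe the real frame;
        # the size that drives allocation is the one in the embedded IHDR chunk.
        if len(frame) >= 24 and frame[:8] == PNG_MAGIC and frame[12:16] == b"IHDR":
            yield struct.unpack_from(">II", frame, 16)


def oversized_frames(ico, limit=MAX_PIXELS):
    """Return the declared sizes whose pixel count exceeds the budget."""
    return [(w, h) for w, h in embedded_png_sizes(ico) if w * h > limit]


def build_ico(width, height):
    """Constructed sample: one directory entry plus a PNG header stub (no pixel data)."""
    ihdr = struct.pack(">I4sII", 13, b"IHDR", width, height) + b"\x08\x06\x00\x00\x00"
    frame = PNG_MAGIC + ihdr
    header = struct.pack("<HHH", 0, 1, 1)
    entry = struct.pack("<BBBBHHII", 32, 32, 0, 0, 1, 32, len(frame), 6 + 16)
    return header + entry + frame


if __name__ == "__main__":
    # The directory claims 32x32 while the contained image declares 60000x60000.
    print(oversized_frames(build_ico(60000, 60000)))
    print(oversized_frames(build_ico(32, 32)))
```
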
.azure-pipelines/jobs Changed docker tag to 6.2.x 2019-12-25 23:41:45 +11:00
.github Revert "Only run on push to prevent double runs" 2019-09-13 09:19:59 +03:00
.travis Skip broken install of coveralls-merge on 2.7_with_system_site_packages 2019-07-23 12:45:18 +03:00
depends Updated libimagequant to 2.12.5 2019-07-29 19:32:12 +10:00
docs BE-584 Cherrypick the fix for CVE-2021-27921 2023-03-01 11:58:24 -05:00
src BE-584 Cherrypick the fix for CVE-2021-27921 2023-03-01 11:58:24 -05:00
Tests BE-584 Cherrypick the fix for CVE-2021-27921 2023-03-01 11:58:24 -05:00
winbuild Test on Python 3.8 2019-12-26 09:54:23 +11:00
.appveyor.yml Test on Python 3.8 2019-12-26 09:54:02 +11:00
.codecov.yml Avoid "Missing base report" due to committing CHANGES.rst with "[CI skip]" 2018-01-10 16:33:15 +02:00
.coveragerc Don't exclude Windows code 2014-07-05 21:32:09 +03:00
.editorconfig Remove duplicate line [CI skip] 2016-09-03 12:37:47 +03:00
.gitattributes Set EPS test files as binary 2018-12-29 21:53:07 -08:00
.gitignore Add documentation to Image module 2019-04-06 13:42:22 -07:00
.readthedocs.yml Install project using pip in ReadTheDocs build 2018-10-24 19:46:43 +11:00
.travis.yml Added CentOS 8 2019-12-26 21:20:19 +11:00
azure-pipelines.yml Added CentOS 8 2019-12-26 21:20:19 +11:00
CHANGES.rst BE-584 Cherrypick the fix for CVE-2021-27921 2023-03-01 11:58:24 -05:00
LICENSE Updated copyright year 2020-01-01 14:03:55 +11:00
Makefile Update Python 2 doc URLs to Python 3 2018-06-09 21:04:34 -07:00
MANIFEST.in Remove empty, unused directory docs/_static 2019-07-06 16:37:57 -07:00
mp_compile.py Introduce isort to automate import ordering and formatting 2019-07-06 16:11:35 -07:00
README.rst Added branding info/intent of fork. 2021-10-08 13:08:13 -07:00
RELEASING.md Stable is now the default ReadTheDocs version [ci skip] 2019-04-03 14:02:52 +11:00
requirements.txt Remove unnecessary dependencies of dependencies 2019-07-27 16:35:52 +03:00
selftest.py Introduce isort to automate import ordering and formatting 2019-07-06 16:11:35 -07:00
setup.cfg Introduce isort to automate import ordering and formatting 2019-07-06 16:11:35 -07:00
setup.py Add support for Python 3.8 2019-10-20 13:11:45 +03:00
tox.ini Add support for Python 3.8 2019-10-20 13:11:45 +03:00

Pillow
======

Python Imaging Library (Fork)
-----------------------------

Pillow is the friendly PIL fork by `Alex Clark and Contributors <https://github.com/python-pillow/Pillow/graphs/contributors>`_. PIL is the Python Imaging Library by Fredrik Lundh and Contributors. As of 2019, Pillow development is `supported by Tidelift <https://tidelift.com/subscription/pkg/pypi-pillow>`_.

This is the `ActiveState <https://activestate.com>`_ fork to provide CVE fixes for Python 2.7.

.. start-badges

.. list-table::
    :stub-columns: 1

    * - docs
      - |docs|
    * - tests
      - |linux| |macos| |windows| |coverage|
    * - package
      - |zenodo| |tidelift| |version| |downloads|
    * - social
      - |gitter| |twitter|

.. end-badges

More Information
----------------

- `Documentation <https://pillow.readthedocs.io/>`_

  - `Installation <https://pillow.readthedocs.io/en/latest/installation.html>`_
  - `Handbook <https://pillow.readthedocs.io/en/latest/handbook/index.html>`_

- `Contribute <https://github.com/python-pillow/Pillow/blob/master/.github/CONTRIBUTING.md>`_

  - `Issues <https://github.com/python-pillow/Pillow/issues>`_
  - `Pull requests <https://github.com/python-pillow/Pillow/pulls>`_

- `Changelog <https://github.com/python-pillow/Pillow/blob/master/CHANGES.rst>`_

  - `Pre-fork <https://github.com/python-pillow/Pillow/blob/master/CHANGES.rst#pre-fork>`_

Report a Vulnerability
----------------------

To report a security vulnerability, please follow the procedure described in the `Tidelift security policy <https://tidelift.com/docs/security>`_.

.. |docs| image:: https://readthedocs.org/projects/pillow/badge/?version=latest
   :target: https://pillow.readthedocs.io/?badge=latest
   :alt: Documentation Status

.. |linux| image:: https://img.shields.io/travis/python-pillow/Pillow/master.svg?label=Linux%20build
   :target: https://travis-ci.org/python-pillow/Pillow
   :alt: Travis CI build status (Linux)

.. |macos| image:: https://img.shields.io/travis/python-pillow/pillow-wheels/master.svg?label=macOS%20build
   :target: https://travis-ci.org/python-pillow/pillow-wheels
   :alt: Travis CI build status (macOS)

.. |windows| image:: https://img.shields.io/appveyor/ci/python-pillow/Pillow/master.svg?label=Windows%20build
   :target: https://ci.appveyor.com/project/python-pillow/Pillow
   :alt: AppVeyor CI build status (Windows)

.. |coverage| image:: https://codecov.io/gh/python-pillow/Pillow/branch/master/graph/badge.svg
   :target: https://codecov.io/gh/python-pillow/Pillow
   :alt: Code coverage

.. |zenodo| image:: https://zenodo.org/badge/17549/python-pillow/Pillow.svg
   :target: https://zenodo.org/badge/latestdoi/17549/python-pillow/Pillow

.. |tidelift| image:: https://tidelift.com/badges/package/pypi/Pillow?style=flat
   :target: https://tidelift.com/subscription/pkg/pypi-pillow?utm_source=pypi-pillow&utm_medium=referral&utm_campaign=readme

.. |version| image:: https://img.shields.io/pypi/v/pillow.svg
   :target: https://pypi.org/project/Pillow/
   :alt: Latest PyPI version

.. |downloads| image:: https://img.shields.io/pypi/dm/pillow.svg
   :target: https://pypi.org/project/Pillow/
   :alt: Number of PyPI downloads

.. |gitter| image:: https://badges.gitter.im/python-pillow/Pillow.svg
   :target: https://gitter.im/python-pillow/Pillow?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge
   :alt: Join the chat at https://gitter.im/python-pillow/Pillow

.. |twitter| image:: https://img.shields.io/badge/tweet-on%20Twitter-00aced.svg
   :target: https://twitter.com/PythonPillow
   :alt: Follow on https://twitter.com/PythonPillow