mirror of
https://github.com/python-pillow/Pillow.git
synced 2024-12-26 09:56:17 +03:00
15 lines
330 B
ReStructuredText
15 lines
330 B
ReStructuredText
2.5.2
|
|
-----
|
|
|
|
Security
|
|
========
|
|
|
|
:cve:`2014-3589`: Fix DOS attack
|
|
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
|
|
|
``PIL/IcnsImagePlugin.py`` in Pillow before 2.3.2 and
|
|
2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted
|
|
block size.
|
|
|
|
Found and reported by Andrew Drake of `Dropbox <https://www.dropbox.com/>`__.
|