6.2.2

Security

This release fixes several buffer overruns and denial-of-service (DoS) vulnerabilities.

CVE-2019-19911: DoS attack vulnerability

If an FPX image reports that it has a large number of bands, a large amount of resources will be used when trying to process the image. This is fixed by limiting the number of bands to those usable by Pillow.

CVE-2020-5310: Overflow checks added to TIFF image processing

Overflow checks have been added when calculating the size of a memory block to be reallocated in the processing of a TIFF image.
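
The kind of check described above, as an added example (this is not Pillow's code; the function names and the width/rows/bits parameters are hypothetical): the byte count for a reallocation is validated before the multiplication can wrap, and the old buffer is left untouched on failure.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Unchecked form, for comparison: size_t arithmetic wraps silently. */
size_t unchecked_size(size_t width, size_t rows, size_t bits) {
    return rows * ((width * bits + 7) / 8);
}

/* Bytes per row = ceil(width * bits / 8); returns -1 if it would overflow. */
static int row_bytes_checked(size_t width, size_t bits, size_t *out) {
    if (width == 0 || bits == 0)
        return -1;
    if (width > (SIZE_MAX - 7) / bits)   /* width * bits + 7 would wrap */
        return -1;
    *out = (width * bits + 7) / 8;
    return 0;
}

/* Resize *buf to hold rows * row_bytes bytes.
 * Returns 0 on success, -1 on overflow or allocation failure.
 * On failure *buf still points at the original, valid allocation. */
int grow_tile_buffer(unsigned char **buf, size_t width, size_t rows,
                     size_t bits) {
    size_t row_bytes;
    unsigned char *p;

    if (row_bytes_checked(width, bits, &row_bytes) != 0)
        return -1;
    if (rows == 0 || rows > SIZE_MAX / row_bytes)  /* rows * row_bytes wraps */
        return -1;
    p = realloc(*buf, rows * row_bytes);
    if (p == NULL)
        return -1;
    *buf = p;
    return 0;
}

int main(void) {
    unsigned char *buf = NULL;
    size_t huge = SIZE_MAX / 16 + 2;   /* constructed header value */

    printf("unchecked size: %zu bytes\n", unchecked_size(16, huge, 8));
    printf("checked result: %d\n", grow_tile_buffer(&buf, 16, huge, 8));
    free(buf);
    return 0;
}
```

Without the check, the constructed dimensions produce a 16-byte allocation that later code would treat as holding far more rows; with it, the request is rejected before `realloc` is called.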

CVE-2020-5311: Overflow checks added to SGI image processing

Buffer overruns were found when processing an SGI image. Checks have been added to prevent this.

CVE-2020-5312: Overflow checks added to PCX image processing

Buffer overruns were found when processing a PCX image. Checks have been added to prevent this.

CVE-2020-5313: Overflow checks added to FLI image processing

Buffer overruns were found when processing an FLI image. Checks have been added to prevent this.