6.2.2

来源:Pillow 浏览 322 扫码分享 2020-04-03 20:40:51

6.2.2
- Security

6.2.2

Security

This release addresses several security problems.

CVE-2019-19911 is regarding FPX images. If an image reports that it has a large numberof bands, a large amount of resources will be used when trying to process theimage. This is fixed by limiting the number of bands to those usable by Pillow.

Buffer overruns were found when processing an SGI (CVE-2020-5311), PCX (CVE-2020-5312)or FLI image (CVE-2020-5313). Checks have been added to prevent this.

CVE-2020-5310: Overflow checks have been added when calculating the size of a memoryblock to be reallocated in the processing of a TIFF image.

当前内容版权归 Pillow 或其关联方所有，如需对内容或内容相关联开源项目进行关注与资助，请访问 Pillow .

本文档使用 BookStack 构建