| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| toplevel-setup.py | no | |||||
| generate-webp-file | no | |||||
| js-script-file.diff | no | |||||
| no-sphinx-removed-in.diff | no | |||||
| CVE-2021-25287_CVE-2021-25288.patch | [PATCH] Fix OOB Read in Jpeg2KDecode CVE-2021-25287,CVE-2021-25288 * For J2k images with multiple bands, it's legal in to have different widths for each band, e.g. 1 byte for L, 4 bytes for A * This dates to Pillow 2.4.0 |
Eric Soroos <eric-github@soroos.net> | no | 2021-03-07 | ||
| CVE-2021-28675.patch | [PATCH] Fix DOS in PSDImagePlugin -- CVE-2021-28675 * PSDImagePlugin did not sanity check the number of input layers and vs the size of the data block, this could lead to a DOS on Image.open prior to Image.load. * This issue dates to the PIL fork |
Eric Soroos <eric-github@soroos.net> | no | 2021-03-07 | ||
| CVE-2021-28676.patch | [PATCH] Fix FLI DOS -- CVE-2021-28676 * FliDecode did not properly check that the block advance was non-zero, potentally leading to an infinite loop on load. * This dates to the PIL Fork * Found with oss-fuzz |
Eric Soroos <eric-github@soroos.net> | no | 2021-03-11 | ||
| CVE-2021-28677.patch | [PATCH] Fix EPS DOS on _open -- CVE-2021-28677 * The readline used in EPS has to deal with any combination of \r and \n as line endings. It used an accidentally quadratic method of accumulating lines while looking for a line ending. * A malicious EPS file could use this to perform a DOS of Pillow in the open phase, before an image was accepted for opening. * This dates to the PIL Fork diff --git a/src/PIL/EpsImagePlugin.py b/src/PIL/EpsImagePlugin.py index dc61f48edc9..3bf8ee0ab35 100644 |
Eric Soroos <eric-github@soroos.net> | no | 2021-03-08 | ||
| CVE-2021-28678.patch | [PATCH] Fix BLP DOS -- CVE-2021-28678 * BlpImagePlugin did not properly check that reads after jumping to file offsets returned data. This could lead to a DOS where the decoder could be run a large number of times on empty data * This dates to Pillow 5.1.0 diff --git a/src/PIL/BlpImagePlugin.py b/src/PIL/BlpImagePlugin.py index 88aae80eb96..e07474621d9 100644 |
Eric Soroos <eric-github@soroos.net> | no | 2021-03-07 | ||
| CVE-2021-34552.patch | [PATCH 2/2] Use snprintf instead of sprintf * https://github.com/python-pillow/Pillow/pull/5567/files * Replace sprintf with snprintf in src/libImaging/Convert.c |
Andrew Murray <radarhere@users.noreply.github.com> | no | 2021-06-30 | ||
| CVE-2022-22815_CVE-2022-22816_CVE-2022-22817.patch | Backport of https://github.com/python-pillow/Pillow/commit/1e092419b6806495c683043ab3feb6ce264f3b9c (CVE-2022-22815) https://github.com/python-pillow/Pillow/commit/c48271ab354db49cdbd740bc45e13be4f0f7993c (CVE-2022-22816) https://github.com/python-pillow/Pillow/commit/8531b01d6cdf0b70f256f93092caa2a5d91afc11 (CVE-2022-22817) |
no |