Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix for Buffer Read Overrun in PCX Decoding #5174

Merged
merged 2 commits into from Jan 2, 2021
Merged

Conversation

@radarhere
Copy link
Member

@radarhere radarhere commented Jan 2, 2021

CVE-2020-35653 - Buffer Read Overrun in PCX Decoding. The PCX Image decoder used the reported image stride to calculate the row buffer, rather than calculating it from the image size. This issue dates back to the PIL fork. Thanks to Google's OSS-Fuzz project for finding this.

wiredfool and others added 2 commits Jan 2, 2021
* Don't trust the image to specify a buffer size
@radarhere radarhere merged commit 0117694 into python-pillow:master Jan 2, 2021
50 checks passed
@radarhere radarhere deleted the pcx branch Jan 2, 2021
@radarhere radarhere changed the title Fix for Read Overflow in PCX Decoding Fix for Buffer Read Overrun in PCX Decoding Jan 2, 2021
tcullum-rh
Copy link

tcullum-rh commented on 2f40926 Jan 13, 2021

Note: This commit is labeled as CVE-2020-35655 but per https://pillow.readthedocs.io/en/stable/releasenotes/8.1.0.html#security this should be CVE-2020-35653. CVE-2020-35655 Fix for SGI Decode buffer overrun which is also the case on MITRE CVE page.

earthgecko added a commit to earthgecko/skyline that referenced this issue Jan 15, 2021
IssueID #3940: SNYK-PYTHON-PILLOW-1055461 and SNYK-PYTHON-PILLOW-1055462

- Added Pillow==8.1.0 as matplotlib@3.3.3 introduced pillow@8.0.1 and Pillow is
  now fixed at 8.1.0 as per:
  https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1055461
  https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1055462
  python-pillow/Pillow#5174 which fixes CVE-2020-35653
  and CVE-2020-35655

Modified:
dev-requirements.txt
requirements.txt
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants