Update pillow to 6.2.2 #21156

pyup-bot · 2020-01-14T09:34:31Z

This PR updates pillow from 6.2.1 to 6.2.2.

Changelog

6.2.2

------------------

- This is the last Pillow release to support Python 2.7 3642

- Overflow checks for realloc for tiff decoding. CVE TBD
[wiredfool, radarhere]

- Catch SGI buffer overrun. CVE TBD
[radarhere]

- Catch PCX P mode buffer overrun. CVE TBD
[radarhere]

- Catch FLI buffer overrun. CVE TBD
[radarhere]

- Raise an error for an invalid number of bands in FPX image. CVE-2019-19911
[wiredfool, radarhere]

Links

PyPI: https://pypi.org/project/pillow
Changelog: https://pyup.io/changelogs/pillow/
Homepage: https://python-pillow.org

wpt-pr-bot added infra wptrunner The automated test runner, commonly called through ./wpt run labels Jan 14, 2020

wpt-pr-bot assigned jugglinmike Jan 14, 2020

wpt-pr-bot requested review from gsnedders, jgraham and jugglinmike January 14, 2020 09:34

gsnedders approved these changes Jan 24, 2020

View reviewed changes

Update pillow from 6.2.1 to 6.2.2

b468e6c

gsnedders force-pushed the pyup-update-pillow-6.2.1-to-6.2.2 branch from f58e93a to b468e6c Compare January 24, 2020 15:54

wpt-pr-bot requested review from Hexcles, KyleJu, LukeZielinski and stephenmcgruer January 24, 2020 15:54

Hexcles merged commit 1de7af5 into master Jan 24, 2020

Hexcles deleted the pyup-update-pillow-6.2.1-to-6.2.2 branch January 24, 2020 16:19

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update pillow to 6.2.2 #21156

Update pillow to 6.2.2 #21156

pyup-bot commented Jan 14, 2020

Update pillow to 6.2.2 #21156

Update pillow to 6.2.2 #21156

Conversation

pyup-bot commented Jan 14, 2020

6.2.2