6.2.2

安全

此版本解决几个安全问题。

CVE-2019-19911 is regarding FPX images. If an image reports that it has a large number of bands, a large amount of resources will be used when trying to process the image. This is fixed by limiting the number of bands to those usable by Pillow.

Buffer overruns were found when processing an SGI (CVE-2020-5311), PCX (CVE-2020-5312) or FLI image (CVE-2020-5313). Checks have been added to prevent this.

CVE-2020-5310: 当计算的存储器块的大小，以在一个TIFF图像的处理被重新分配溢出检查已被添加。