6.2.2#

Security#

This release fixes several buffer overflow issues and a DOS attack vulnerability.

CVE-2020-5310, CVE-2020-5311, CVE-2020-5312, CVE-2020-5313: Overflow checks added#

Overflow checks have been added when calculating the size of a memory block to be reallocated in the processing of TIFF, SGI, PCX and FLI images.

CVE-2019-19911: DOS attack vulnerability#

If an FPX image reports that it has a large number of bands, a large amount of resources will be used when trying to process the image. This is fixed by limiting the number of bands to those usable by Pillow.