Added security release notes

2026-04-01 16:49:20 +11:00 · 2026-04-01 16:49:20 +11:00 · c4f7aa5dfb
commit c4f7aa5dfb
parent 3cb814f338
1 changed files with 25 additions and 6 deletions
--- a/docs/releasenotes/12.2.0.rst
+++ b/docs/releasenotes/12.2.0.rst
@ -4,15 +4,34 @@
 Security
 ========

-TODO
-^^^^
+Prevent FITS decompression bomb
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

-TODO
+When decompressing GZIP data from a FITS image, Pillow did not limit the amount of data
+being read, meaning that it was vulnerable to GZIP decompression bombs. This was
+introduced in Pillow 10.3.0.

-:cve:`YYYY-XXXXX`: TODO
-^^^^^^^^^^^^^^^^^^^^^^^
+The data being read is now limited to only the necessary amount.

-TODO
+Fix OOB write with invalid tile extents
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Pillow 12.1.1 added improved checks for tile extents to prevent an OOB write from
+specially crafted PSD images in Pillow >= 10.3.0. However, these checks did not
+consider integer overflow. This has been corrected.
+
+Prevent PDF parsing trailer infinite loop
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+When parsing a PDF, if a trailer refers to itself, or a more complex cyclic loop
+exists, then an infinite loop occurs. Pillow now keeps a record of which trailers it
+has already processed. PdfParser was added in Pillow 4.2.0.
+
+Integer overflow when processing fonts
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+If a font advances for each glyph by an exceeding large amount, when Pillow keeps track
+of the current position, it may lead to an integer overflow. This has been fixed.

 API changes
 ===========