Workflow

PyPi: Pillow

CVE-2024-28219

Safety vulnerability ID: 67136

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Apr 03, 2024 Updated at Nov 29, 2024
Scan your Python projects for vulnerabilities →

Advisory

Pillow 10.3.0 introduces a security update addressing CVE-2024-28219 by replacing certain functions with strncpy to prevent buffer overflow issues.

Affected package

pillow

Latest version: 11.0.0

Python Imaging Library (Fork)

Affected versions

Fixed versions

Vulnerability changelog

https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html

Changes

- CVE-2024-28219: Use strncpy to avoid buffer overflow 7928 [hugovk]
- Use `functools.lru_cache` for `hopper()` 7912 [hugovk]
- Raise ValueError if seeking to greater than offset-sized integer in TIFF 7883 [radarhere]
- Improve speed of loading QOI images 7925 [radarhere]
- Added RGB to I;16N conversion 7920 [radarhere]
- Add --report argument to __main__.py to omit supported formats 7818 [nulano]
- Added RGB to I;16, I;16L and I;16B conversion 7918 [radarhere]
- Fix editable installation with custom build backend and configuration options 7658 [nulano]
- Fix putdata() for I;16N on big-endian 7209 [Yay295]
- Determine MPO size from markers, not EXIF data 7884 [radarhere]
- Improved conversion from RGB to RGBa, LA and La 7888 [radarhere]
- Support FITS images with GZIP_1 compression 7894 [radarhere]
- Use I;16 mode for 9-bit JPEG 2000 images 7900 [scaramallion]
- Raise ValueError if kmeans is negative 7891 [radarhere]
- Remove TIFF tag OSUBFILETYPE when saving using libtiff 7893 [radarhere]
- Raise ValueError for negative values when loading P1-P3 PPM images 7882 [radarhere]
- Added reading of JPEG2000 palettes 7870 [radarhere]
- Added alpha_quality argument when saving WebP images 7872 [radarhere]
- Fixed joined corners for ImageDraw rounded_rectangle() non-integer dimensions 7881 [radarhere]
- Removed Python and NumPy pinning on Cygwin 7880 [radarhere]
- Update UnidentifiedImageError and __version__ imports 7644 [radarhere]
- Stop reading EPS image at EOF marker 7753 [radarhere]
- PSD layer co-ordinates may be negative 7706 [radarhere]
- Use subprocess with CREATE_NO_WINDOW flag in ImageShow WindowsViewer 7791 [radarhere]
- When saving GIF frame that restores to background color, do not fill identical pixels 7788 [radarhere]
- Fixed reading PNG iCCP compression method 7823 [radarhere]
- Allow writing IFDRational to UNDEFINED tag 7840 [radarhere]
- Fix logged tag name when loading Exif data 7842 [radarhere]
- Use maximum frame size in IHDR chunk when saving APNG images 7821 [radarhere]
- Prevent opening P TGA images without a palette 7797 [radarhere]
- Use palette when loading ICO images 7798 [radarhere]
- Use consistent arguments for load_read and load_seek 7713 [radarhere]
- Turn off nullability warnings for macOS SDK 7827 [radarhere]
- Fix shift-sign issue in Convert.c 7838 [r-barnes]
- winbuild: Refactor dependency versions into constants 7843 [hugovk]
- Build macOS arm64 wheels natively 7852 [radarhere]
- Fixed typo 7855 [radarhere]
- Open 16-bit grayscale PNGs as I;16 7849 [radarhere]
- Handle truncated chunks at the end of PNG images 7709 [lajiyuan]
- Match mask size to pasted image size in GifImagePlugin 7779 [radarhere]
- Changed SupportsGetMesh protocol to be public 7841 [radarhere]
- Release GIL while calling `WebPAnimDecoderGetNext` 7782 [evanmiller]
- Fixed reading FLI/FLC images with a prefix chunk 7804 [twolife]
- Updated package name for Tidelift 7810 [radarhere]
- Removed unused code 7744 [radarhere]
- Lint fix 7783 [radarhere]
- Update wl-paste handling and return None for some errors in grabclipboard() on Linux 7745 [nik012003]
- Fixed libXau error in wheels for macOS 10.10 7764 [radarhere]
- Changed name of first _Tile parameter 7772 [radarhere]
- Remove execute bit from `setup.py` 7760 [hugovk]
- Changed ImageMath.ops to be static 7721 [radarhere]
- Fix APNG info after seeking backwards more than twice 7701 [esoma]
- Removed PPM loop to read header tokens 7698 [radarhere]
- Added PerspectiveTransform 7699 [radarhere]
- Add support for reading and writing grayscale PFM images 7696 [nulano]
- Add LCMS2 flags to ImageCms 7676 [nulano]
- Rename x64 to AMD64 in winbuild 7693 [nulano]
- Build QEMU-emulated Linux aarch64 wheels on GitHub Actions instead of Travis CI 7690 [hugovk]
- Simplify FreeTypeFont.getmask2() 7645 [nulano]
- Updated Linux and macOS wheels matrix variable name 7691 [radarhere]
- Skip PyPy3.8 Windows wheel 7682 [radarhere]

Deprecations

- Deprecate eval(), replacing it with lambda_eval() and unsafe_eval() 7927 [hugovk]
- Deprecate ImageCms constants and versions() function 7702 [nulano]

Documentation

- Add type hints to release notes 7923 [hugovk]
- Corrected exiv2.org links 7856 [radarhere]
- Removed references to the "current version" 7905 [radarhere]
- Added release notes for 7872, 7882 and 7891 7904 [radarhere]
- Clean up authors and contributors 7895 [aclark4life]
- Update release notes 7885 [hugovk]
- Backfill release notes with security fix details 7877 [aclark4life]
- Describe difference between font size and bbox 7806 [radarhere]
- Decoders and encoders subclass PyDecoder and PyEncoder 7801 [radarhere]
- Update CI targets on GitHub Actions 7862 [hugovk]
- Update "What about PIL?" section 7861 [aclark4life]
- Update installation docs 7858 [hugovk]
- Move installation.rst to installation/*.rst 7832 [aclark4life]
- Removed references to Twitter 7836 [radarhere]
- Consistently place versionremoved under heading 7829 [radarhere]
- Remove outdated installation warnings 7814 [hugovk]
- PyPI project page URL is now lowercase 7703 [nulano]
- Use "non-zero" consistently 7695 [radarhere]
- Improve ImageTransform documentation 7684 [nulano]
- If ImageGrab.grab() bbox is omitted, screenshot is taken at 2x on Retina screens 7688 [radarhere]
- Updated macOS tested Pillow versions 7689 [radarhere]
- Update Windows 11 tested versions 7685 [nulano]
- ImageGrab.grab() bbox on macOS is not 2x on retina screens 7678 [radarhere]
- Package name is now lowercase in wheel filenames 7681 [radarhere]

Type hints

- Add type hints for ImageCms 7913 [nulano]
- Add type hints to `Image.py` 7924 [hugovk]
- Add type hints to release notes 7923 [hugovk]
- Added `py.typed` and `Typing :: Typed` to support type checking 7822 [radarhere]
- Added remaining type hints to Tests/test_image_*.py 7793 [radarhere]
- Added type hints for ImageShow 7712 [radarhere]
- Added type hints to additional tests 7754 [radarhere]
- Added type hints to additional tests 7755 [radarhere]
- Added type hints to additional tests 7769 [radarhere]
- Added type hints to additional tests 7784 [radarhere]
- Added type hints to additional tests 7794 [radarhere]
- Added type hints to additional tests 7807 [radarhere]
- Added type hints to additional tests 7816 [radarhere]
- Added type hints to additional tests 7846 [radarhere]
- Added type hints to FitsImagePlugin 7714 [radarhere]
- Added type hints to GdImageFile 7727 [radarhere]
- Added type hints to ImageMath 7707 [radarhere]
- Added type hints to ImageMorph 7708 [radarhere]
- Added type hints to ImageOps 7786 [radarhere]
- Added type hints to ImtImagePlugin 7720 [radarhere]
- Added type hints to MpegImagePlugin 7728 [radarhere]
- Added type hints to MspImagePlugin 7719 [radarhere]
- Added type hints to OSS Fuzz scripts 7731 [radarhere]
- Added type hints to PpmImagePlugin 7726 [radarhere]
- Added type hints to seven plugins 7716 [radarhere]
- Added type hints to SgiImagePlugin 7724 [radarhere]
- Added type hints to Tests/check_*.py 7732 [radarhere]
- Added type hints to Tests/conftest.py 7740 [radarhere]
- Added type hints to Tests/helper.py 7733 [radarhere]
- Added type hints to Tests/test_font_*.py 7743 [radarhere]
- Added type hints to TgaImagePlugin 7725 [radarhere]
- Autotype tests 7756 [hugovk]
- Decoders and encoders subclass PyDecoder and PyEncoder 7801 [radarhere]
- Removed mypy excludes 7808 [radarhere]
- Removed mypy excludes, except for olefile-related files 7790 [radarhere]
- Replace `io.BytesIO` in type hints 7750 [hugovk]
- Type hints: Add PYI (flake8-pyi) to Ruff and fix errors 7897 [hugovk]
- Use IO[bytes] in type hints 7795 [radarhere]

Dependencies

- [pre-commit.ci] pre-commit autoupdate and fix deprecations 7780 [pre-commit-ci]
- Install mypy from requirements file 7813 [hugovk]
- Pin codecov/codecov-action to v3.1.5 7776 [hugovk]
- Update actions/cache action to v4 7735 [renovate]
- Update dependency cibuildwheel to v2.16.4 7758 [renovate]
- Update dependency cibuildwheel to v2.16.5 7767 [renovate]
- Update dependency cibuildwheel to v2.17.0 7869 [renovate]
- Update dependency mypy to v1.8.0 7851 [renovate]
- Update dependency mypy to v1.9.0 7866 [renovate]
- Update github-actions to v4 7770 [renovate]
- Update release-drafter/release-drafter action to v6 7774 [renovate]
- Updated Ghostscript to 10.3.0 7887 [radarhere]
- Updated giflib on macOS to 5.2.2 7815 [radarhere]
- Updated harfbuzz to 8.3.1 7886 [radarhere]
- Updated harfbuzz to 8.4.0 7917 [radarhere]
- Updated libimagequant to 4.3.0 7749 [radarhere]
- Updated libjpeg-turbo to 3.0.2 7752 [radarhere]
- Updated libpng to 1.6.43 7768 [radarhere]
- Updated libxcb to 1.16.1 7853 [radarhere]
- Updated openjpeg to 2.5.2 7837 [radarhere]
- Updated xorgproto to 2024.1 7907 [radarhere]
- Updated zlib to 1.3.1 7746 [radarhere]


- Testing

- Use setup_module() to open images so they aren't opened if skipped 7911 [Yay295]
- Skip AppVeyor builds for irrelevant files 7909 [hugovk]
- Revert "Pin Python 3.13 on Windows to a3" 7878 [radarhere]
- Restored testing of non-TrueType default font 7748 [radarhere]
- Parametrize test_seek_mode functions 7847 [Yay295]
- Do not use packaged MinGW pip 7844 [radarhere]
- Parametrize test_p_from_rgb_rgba() 7835 [Yay295]
- Require coverage.py 7.4.2+ for `COVERAGE_CORE: sysmon` 7825 [hugovk]
- Set `COVERAGE_CORE: sysmon` for faster tests on 3.12+ 7820 [hugovk]
- Build docs for Python changes 7819 [nulano]
- Install mypy from requirements file 7813 [hugovk]
- Pin Python 3.13 on Windows to a3 7805 [radarhere]
- Removed platform argument from setup-cygwin action 7775 [radarhere]
- Pin to Python 3.9.16-1 7762 [radarhere]
- Test on macOS M1 where available 7766 [hugovk]
- CI: Cache libimagequant on Linux builds 7741 [hugovk]
- Do not support using test-image-results to upload images after test failures 7739 [radarhere]
- Sort imports in `Tests/` 7736 [hugovk]
- Skip non-wheel CI runs for tags: Windows 7692 [hugovk]

Resources

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application