Clean up for #7864

docs/releasenotes/10.0.0.rst

@@ -17,10 +17,10 @@ been processed before Pillow started checking for decompression bombs.
 Fix CVE-2023-44271
 ^^^^^^^^^^^^^^^^^^
 
-Added ImageFont.MAX_STRING_LENGTH.
-
 .. note:: More information about this vulnerability included in database record :cve:`2023-44271`
 
+Added ImageFont.MAX_STRING_LENGTH.
+
 To protect against potential DOS attacks when using arbitrary strings as text
 input, Pillow will now raise a :py:exc:`ValueError` if the number of characters
 passed into ImageFont methods is over a certain limit,

docs/releasenotes/10.0.1.rst

@@ -7,8 +7,6 @@ Security
 Fix CVE-2023-4863
 ^^^^^^^^^^^^^^^^^
 
-Updated install script and wheels with libwebp 1.3.2
-
 .. note:: More information about this vulnerability included in database record :cve:`2023-4863`
 
 This release provides an updated install script and updated wheels to

docs/releasenotes/10.2.0.rst

@@ -28,10 +28,10 @@ they do not extend beyond the bitmap image.
 Fix CVE-2023-50447
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
-ImageMath.eval: Restricted environment keys.
-
 .. note:: More information about this vulnerability included in database record :cve:`2023-50447`
 
+ImageMath.eval: Restricted environment keys.
+
 If an attacker has control over the keys passed to the
 ``environment`` argument of :py:meth:`PIL.ImageMath.eval`, they may be able to execute
 arbitrary code. To prevent this, keys matching the names of builtins and keys

docs/releasenotes/3.1.1.rst

@@ -7,10 +7,10 @@ Security
 Fix CVE-2016-0740
 ^^^^^^^^^^^^^^^^^
 
-Buffer overflow in TiffDecode.c.
-
 .. note:: More information about this vulnerability included in database record :cve:`2016-0740`
 
+Buffer overflow in TiffDecode.c.
+
 Pillow 3.1.0 and earlier when linked against
 libtiff >= 4.0.0 on x64 may overflow a buffer when reading a
 specially crafted tiff file. 
@@ -29,10 +29,10 @@ This issue was found by security researcher FourOne.
 Fix CVE-2016-0775
 ^^^^^^^^^^^^^^^^^
 
-Buffer overflow in FliDecode.c.
-
 .. note:: More information about this vulnerability included in database record :cve:`2016-0775`
 
+Buffer overflow in FliDecode.c.
+
 In all versions of Pillow, dating back at least to
 the last PIL 1.1.7 release, FliDecode.c has a buffer overflow error. 
 
@@ -62,10 +62,10 @@ This issue was found by Alyssa Besseling at Atlassian.
 Fix CVE-2016-2533
 ^^^^^^^^^^^^^^^^^
 
-Buffer overflow in PcdDecode.c.
-
 .. note:: More information about this vulnerability available in :cve:`2016-2533`
 
+Buffer overflow in PcdDecode.c.
+
 In all versions of Pillow, dating back at least to the
 last PIL 1.1.7 release, ``PcdDecode.c`` has a buffer overflow error. 
 

docs/releasenotes/3.1.2.rst

@@ -7,10 +7,10 @@ Security
 Fix CVE-2016-3076
 ^^^^^^^^^^^^^^^^^
 
-Buffer overflow in Jpeg2KEncode.c.
-
 .. note:: More information about this vulnerability included in database record :cve:`2016-3076`
 
+Buffer overflow in Jpeg2KEncode.c.
+
 Pillow between 2.5.0 and 3.1.1 may overflow a buffer
 when writing large Jpeg2000 files, allowing for code execution or other
 memory corruption. 

docs/releasenotes/6.2.0.rst

@@ -26,8 +26,6 @@ perform operations on it.
 Fix CVE-2019-16865
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
-DOS attack vulnerabilities.
-
 .. note:: More information about this vulnerability included in database record :cve:`2019-16865`
 
 The CVE is regarding DOS problems, such as consuming large

docs/releasenotes/6.2.2.rst

@@ -9,51 +9,39 @@ This release fixes several buffer overruns and DOS attacks reported in CVE-2019-
 Fix CVE-2019-19911
 ^^^^^^^^^^^^^^^^^^
 
-DOS attack vulnerability.
-
 .. note:: More information about this vulnerability included in database record :cve:`2019-19911`
 
+DOS attack vulnerability.
+
 If an FPX image reports that it has a large number of bands, a large amount of
 resources will be used when trying to process the image. This is fixed by
 limiting the number of bands to those usable by Pillow.
 
-
 Fix CVE-2020-5310
 ^^^^^^^^^^^^^^^^^
 
-Overflow checks added to TIFF image processing.
-
 .. note:: More information about this vulnerability included in database record :cve:`2020-5310`
 
-Overflow checks have been added when calculating the size of a
-memory block to be reallocated in the processing of a TIFF image.
+Overflow checks have been added when calculating the size of a memory block to be reallocated
+in the processing of a TIFF image.
 
 Fix CVE-2020-5311
 ^^^^^^^^^^^^^^^^^
 
-Overflow checks added to SGI image processing.
-
 .. note:: More information about this vulnerability included in database record :cve:`2020-5311`
 
-Buffer overruns were found when processing an SGI image. Checks
-have been added to prevent this.
+Buffer overruns were found when processing an SGI image. Checks have been added to prevent this.
 
 Fix CVE-2020-5312
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
-Overflow checks added to PCX image processing.
-
 .. note:: More information about this vulnerability included in database record :cve:`2020-5312`
 
-Buffer overruns were found when processing an SGI PCX. Checks have
-been added to prevent this.
+Buffer overruns were found when processing an SGI PCX. Checks have been added to prevent this.
 
 Fix CVE-2020-5313
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
-Overflow checks added to FLI image processing.
-
 .. note:: More information about this vulnerability included in database record :cve:`2020-5313`
 
-Buffer overruns were found when processing an FLI image. Checks
-have been added to prevent this.
+Buffer overruns were found when processing an FLI image. Checks have been added to prevent this.

docs/releasenotes/7.1.0.rst

@@ -9,38 +9,38 @@ This release includes many security fixes.
 Fix CVE-2020-10177
 ^^^^^^^^^^^^^^^^^^
 
-Multiple out-of-bounds reads in FLI decoding.
-
 .. note:: More information about this vulnerability included in database record :cve:`2020-10177`
 
+Multiple out-of-bounds reads in FLI decoding.
+
 Fix CVE-2020-10378
 ^^^^^^^^^^^^^^^^^^
 
-Bounds overflow in PCX decoding.
-
 .. note:: More information about this vulnerability included in database record :cve:`2020-10378`
 
+Bounds overflow in PCX decoding.
+
 Fix CVE-2020-10379
 ^^^^^^^^^^^^^^^^^^
 
-Two buffer overflows in TIFF decoding
-
 .. note:: More information about this vulnerability included in database record :cve:`2020-10379`
 
+Two buffer overflows in TIFF decoding.
+
 Fix CVE-2020-10994
 ^^^^^^^^^^^^^^^^^^
 
-Bounds overflow in JPEG 2000 decoding
-
 .. note:: More information about this vulnerability included in database record :cve:`2020-10994`
 
+Bounds overflow in JPEG 2000 decoding.
+
 Fix CVE-2020-11538
 ^^^^^^^^^^^^^^^^^^
 
-Buffer overflow in SGI-RLE decoding
-
 .. note:: More information about this vulnerability included in database record :cve:`2020-11538`
 
+Buffer overflow in SGI-RLE decoding.
+
 API Changes
 ===========
 

docs/releasenotes/8.0.1.rst

@@ -7,11 +7,9 @@ Security
 Fix CVE-2020-15999
 ^^^^^^^^^^^^^^^^^^
 
-Update FreeType version in wheels.
-
 .. note:: More information about this vulnerability included in database record :cve:`2020-15999`
 
-Update FreeType used in binary wheels to `2.10.4`_. 
+Update FreeType in wheels to `2.10.4`_. 
 
   - A heap buffer overflow has been found  in the handling of embedded PNG bitmaps,
     introduced in FreeType version 2.6.

docs/releasenotes/8.1.0.rst

@@ -12,21 +12,21 @@ This release includes security fixes.
 Fix CVE-2020-35653
 ^^^^^^^^^^^^^^^^^^
 
-Buffer read overrun in PCX decoding.
-
 .. note:: More information about this vulnerability included in database record :cve:`2020-35653`
 
+Buffer read overrun in PCX decoding.
+
 The PCX image decoder used the reported image stride to calculate
 the row buffer, rather than calculating it from the image size. This issue dates back
 to the PIL fork. Thanks to Google's `OSS-Fuzz`_ project for finding this.
 
 Fix CVE-2020-35654
 ^^^^^^^^^^^^^^^^^^
 
-TIFF out-of-bounds write error.
-
 .. note:: More information about this vulnerability included in database record :cve:`2020-35654`
 
+TIFF out-of-bounds write error.
+
 Out-of-bounds write in ``TiffDecode.c`` when reading corrupt YCbCr
 files in some LibTIFF versions (4.1.0/Ubuntu 20.04, but not 4.0.9/Ubuntu 18.04).
 In some cases LibTIFF's interpretation of the file is different when reading in RGBA mode,
@@ -37,10 +37,10 @@ versions from 6.0.0 to 8.0.1, depending on the version of LibTIFF. This was repo
 Fix CVE-2020-35655
 ^^^^^^^^^^^^^^^^^^
 
-SGI Decode buffer overrun
-
 .. note:: More information about this vulnerability included in database record :cve:`2020-35655`
 
+SGI Decode buffer overrun.
+
 4 byte read overflow in ``SgiRleDecode.c``, where the code was not correctly
 checking the offsets and length tables. Independently reported through `Tidelift`_ and Google's
 `OSS-Fuzz`_. This vulnerability covers Pillow versions 4.3.0->8.0.1.

docs/releasenotes/8.1.1.rst

@@ -7,49 +7,37 @@ Security
 Fix CVE-2021-25289 
 ^^^^^^^^^^^^^^^^^^
 
-The previous fix for CVE-2020-35654 was insufficient.
-
 .. note:: More information about this vulnerability included in database record :cve:`2021-25289`
 
 The previous fix for :cve:`2020-35654` was insufficient due to incorrect error checking in ``TiffDecode.c``.
 
 Fix CVE-2021-25290
 ^^^^^^^^^^^^^^^^^^
 
-In ``TiffDecode.c`` there is a negative-offset.
-
 .. note:: More information about this vulnerability included in database record :cve:`2021-25290`
 
-In ``TiffDecode.c``, there is a negative-offset ``memcpy``
-with an invalid size.
+In ``TiffDecode.c``, there is a negative-offset ``memcpy`` with an invalid size.
 
 Fix CVE-2021-25291
 ^^^^^^^^^^^^^^^^^^
 
-``TiffDecode.c`` has invalid tile boundaries.
-
 .. note:: More information about this vulnerability included in database record :cve:`2021-25291`
 
-In ``TiffDecode.c``, invalid tile boundaries could lead to
-an out-of-bounds read in ``TIFFReadRGBATile``.
+In ``TiffDecode.c``, invalid tile boundaries could lead to an out-of-bounds read in ``TIFFReadRGBATile``.
 
 Fix CVE-2021-25292
 ^^^^^^^^^^^^^^^^^^
 
-The PDF parser has a catastrophic backtracking regex.
-
 .. note:: More information about this vulnerability included in database record :cve:`2021-25292`:
 
-The PDF parser has a catastrophic backtracking regex
-that could be used as a DOS attack.
+The PDF parser has a catastrophic backtracking regex that could be used as a DOS attack.
 
 Fix CVE-2021-25293
 ^^^^^^^^^^^^^^^^^^
 
-There is an out-of-bounds read in ``SgiRleDecode.c`` since Pillow 4.3.0.
-
 .. note:: More information about this vulnerability included in database record :cve:`2021-25293`
 
+There is an out-of-bounds read in ``SgiRleDecode.c`` since Pillow 4.3.0.
 
 Other Changes
 =============

docs/releasenotes/8.1.2.rst

@@ -7,38 +7,27 @@ Security
 Fix CVE-2021-27921
 ^^^^^^^^^^^^^^^^^^
 
-There is an exhaustion of memory DOS in BLP images.
-
 .. note:: More information about this vulnerability included in database record :cve:`2021-27921`
 
-There is an exhaustion of memory DOS in BLP
-images where Pillow did not properly check the reported size of the
-contained image. These images could cause arbitrarily large memory
+There is an exhaustion of memory DOS in BLP images. where Pillow did not properly check the
+reported size of the contained image. These images could cause arbitrarily large memory
 allocations.
 
 Fix CVE-2021-27922
 ^^^^^^^^^^^^^^^^^^
 
-There is an exhaustion of memory DOS in ICNS images.
-
 .. note:: More information about this vulnerability included in database record :cve:`2021-27921`
 
-There is an exhaustion of memory DOS in the ICNS
-images where Pillow did not properly check the reported size of the
-contained image. These images could cause arbitrarily large memory
-allocations.
+There is an exhaustion of memory DOS in ICNS images where Pillow did not properly check the
+reported size of the contained image. These images could cause arbitrarily large memory allocations.
 
 Fix CVE-2021-27923
 ^^^^^^^^^^^^^^^^^^
 
-There is an exhaustion of memory DOS in ICO images.
-
 .. note:: More information about this vulnerability included in database record :cve:`2021-27923`
 
-There is an exhaustion of memory DOS in ICO
-images where Pillow did not properly check the reported size of the
-contained image. These images could cause arbitrarily large memory
-allocations.
+There is an exhaustion of memory DOS in ICO images where Pillow did not properly check the reported
+size of the contained image. These images could cause arbitrarily large memory allocations.
 
 These were reported by Jiayi Lin, Luke Shaffer, Xinran Xie and
 Akshay Ajayan of `Arizona State University <https://www.asu.edu/>`_.

docs/releasenotes/8.2.0.rst

@@ -9,11 +9,11 @@ These were all found with `OSS-Fuzz`_.
 Fix CVE-2021-25287, CVE-2021-25288, CVE-2021-28675
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
-OOB read in Jpeg2KDecode
-
 .. note:: More information about these vulnerabilities included in database records
     :cve:`2021-25287`, :cve:`2021-25288`, :cve:`2021-28675`
 
+OOB read in Jpeg2KDecode
+
 * For J2k images with multiple bands, it's legal to have different widths for each band,
   e.g. 1 byte for ``L``, 4 bytes for ``A``.
 * This dates to Pillow 2.4.0.

docs/releasenotes/8.3.0.rst

@@ -10,10 +10,10 @@ Buffer overflow
 Fix CVE-2021-34552
 ^^^^^^^^^^^^^^^^^^
 
-Buffer overflow
-
 .. note:: More information about this vulnerability included in database record :cve:`2021-34552`
 
+Buffer overflow
+
 PIL since 1.1.4 and Pillow since 1.0 allowed parameters passed into a convert function to trigger
 buffer overflow in Convert.c.
 

docs/releasenotes/8.3.2.rst

@@ -7,10 +7,10 @@ Security
 Fix CVE-2021-23437
 ^^^^^^^^^^^^^^^^^^
 
-Avoid potential ReDoS (regular expression denial of service)
-
 .. note:: More information about this vulnerability included in database record :cve:`2021-23437`
 
+Avoid potential ReDoS (regular expression denial of service)
+
 Avoid a potential ReDoS (regular expression denial of service) in :py:class:`~PIL.ImageColor`'s
 :py:meth:`~PIL.ImageColor.getrgb` by raising :py:exc:`ValueError` if the color specifier is
 too long. Present since Pillow 5.2.0.