asonix/mastodon
1
1
Fork 1
Code Issues Pull requests Projects Releases Wiki Activity
mastodon/lib
History
Pierre Bourdon 1659788de4 blurhash_transcoder: prevent out-of-bound reads with <8bpp images (#20388) 
The Blurhash library used by Mastodon requires an input encoded as 24
bits raw RGB data. The conversion to raw RGB using Imagemagick did not
previously specify the desired bit depth. In some situations, this leads
Imagemagick to output in a pixel format using less bpp than expected.
This then manifested as segfaults of the Sidekiq process due to
out-of-bounds read, or potentially a (highly noisy) memory infoleak.

Fixes #19235.
2022-11-14 11:20:41 +01:00
..
active_record
assets
chewy/strategy Change search indexing to use batches to minimize resource usage (#18451) 2022-05-18 23:29:14 +02:00
devise
generators
json_ld
mastodon Bump version to 3.5.3 (#18530) 2022-05-26 23:26:15 +02:00
paperclip blurhash_transcoder: prevent out-of-bound reads with <8bpp images (#20388) 2022-11-14 11:20:41 +01:00
rails
redis
sanitize_ext
tasks Fix redis configuration not being changed by mastodon:setup (#18383) 2022-05-09 23:19:11 +02:00
templates
terrapin
webpacker
cli.rb Add ability for admins to delete canonical email blocks (#16644) 2021-12-17 23:02:14 +01:00
enumerable.rb
exceptions.rb Fix error resposes for from search prefix (#17963) 2022-04-08 21:21:49 +02:00