From 5c160e4e61d03b7b455d590393419721f4ee19e18601c53bce173a1f73b3e8c9 Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Wed, 3 Apr 2024 08:08:49 +0000 Subject: [PATCH] - update to 10.3.0 (bsc#1222262, CVE-2024-28219): * CVE-2024-28219: Use strncpy to avoid buffer overflow #7928 [radarhere, hugovk] * Deprecate eval(), replacing it with lambda_eval() and unsafe_eval() #7927 [radarhere, hugovk] * Raise ValueError if seeking to greater than offset-sized integer in TIFF #7883 [radarhere] * Add --report argument to __main__.py to omit supported formats #7818 [nulano, radarhere, hugovk] * Added RGB to I;16, I;16L, I;16B and I;16N conversion #7918, #7920 [radarhere] * Fix editable installation with custom build backend and configuration options #7658 [nulano, radarhere] * Fix putdata() for I;16N on big-endian #7209 [Yay295, hugovk, radarhere] * Determine MPO size from markers, not EXIF data #7884 [radarhere] * Improved conversion from RGB to RGBa, LA and La #7888 [radarhere] * Support FITS images with GZIP_1 compression #7894 [radarhere] * Use I;16 mode for 9-bit JPEG 2000 images #7900 [scaramallion, radarhere] * Raise ValueError if kmeans is negative #7891 [radarhere] * Remove TIFF tag OSUBFILETYPE when saving using libtiff #7893 [radarhere] * Raise ValueError for negative values when loading P1-P3 PPM images #7882 [radarhere] * Added reading of JPEG2000 palettes #7870 [radarhere] * Added alpha_quality argument when saving WebP images #7872 [radarhere] OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=152 --- pillow-10.2.0.tar.gz | 3 -- pillow-10.3.0.tar.gz | 3 ++ python-Pillow.changes | 78 +++++++++++++++++++++++++++++++++++++++++++ python-Pillow.spec | 2 +- 4 files changed, 82 insertions(+), 4 deletions(-) delete mode 100644 pillow-10.2.0.tar.gz create mode 100644 pillow-10.3.0.tar.gz diff --git a/pillow-10.2.0.tar.gz b/pillow-10.2.0.tar.gz deleted file mode 100644 index b78b770..0000000 --- a/pillow-10.2.0.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:e87f0b2c78157e12d7686b27d63c070fd65d994e8ddae6f328e0dcf4a0cd007e -size 46212712 diff --git a/pillow-10.3.0.tar.gz b/pillow-10.3.0.tar.gz new file mode 100644 index 0000000..aaa4f4c --- /dev/null +++ b/pillow-10.3.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:9d2455fbf44c914840c793e89aa82d0e1763a14253a000743719ae5946814b2d +size 46572854 diff --git a/python-Pillow.changes b/python-Pillow.changes index e911cbf..0f645fe 100644 --- a/python-Pillow.changes +++ b/python-Pillow.changes @@ -1,3 +1,81 @@ +------------------------------------------------------------------- +Wed Apr 3 07:29:31 UTC 2024 - Dirk Müller + +- update to 10.3.0 (bsc#1222262, CVE-2024-28219): + * CVE-2024-28219: Use strncpy to avoid buffer overflow #7928 + [radarhere, hugovk] + * Deprecate eval(), replacing it with lambda_eval() and + unsafe_eval() #7927 [radarhere, hugovk] + * Raise ValueError if seeking to greater than offset-sized + integer in TIFF #7883 [radarhere] + * Add --report argument to __main__.py to omit supported + formats #7818 [nulano, radarhere, hugovk] + * Added RGB to I;16, I;16L, I;16B and I;16N conversion #7918, + #7920 [radarhere] + * Fix editable installation with custom build backend and + configuration options #7658 [nulano, radarhere] + * Fix putdata() for I;16N on big-endian #7209 [Yay295, hugovk, + radarhere] + * Determine MPO size from markers, not EXIF data #7884 + [radarhere] + * Improved conversion from RGB to RGBa, LA and La #7888 + [radarhere] + * Support FITS images with GZIP_1 compression #7894 [radarhere] + * Use I;16 mode for 9-bit JPEG 2000 images #7900 [scaramallion, + radarhere] + * Raise ValueError if kmeans is negative #7891 [radarhere] + * Remove TIFF tag OSUBFILETYPE when saving using libtiff #7893 + [radarhere] + * Raise ValueError for negative values when loading P1-P3 PPM + images #7882 [radarhere] + * Added reading of JPEG2000 palettes #7870 [radarhere] + * Added alpha_quality argument when saving WebP images #7872 + [radarhere] + * Fixed joined corners for ImageDraw rounded_rectangle() non- + integer dimensions #7881 [radarhere] + * Stop reading EPS image at EOF marker #7753 [radarhere] + * PSD layer co-ordinates may be negative #7706 [radarhere] + * Use subprocess with CREATE_NO_WINDOW flag in ImageShow + WindowsViewer #7791 [radarhere] + * When saving GIF frame that restores to background color, do + not fill identical pixels #7788 [radarhere] + * Fixed reading PNG iCCP compression method #7823 [radarhere] + * Allow writing IFDRational to UNDEFINED tag #7840 [radarhere] + * Fix logged tag name when loading Exif data #7842 [radarhere] + * Use maximum frame size in IHDR chunk when saving APNG images + #7821 [radarhere] + * Prevent opening P TGA images without a palette #7797 + [radarhere] + * Use palette when loading ICO images #7798 [radarhere] + * Use consistent arguments for load_read and load_seek #7713 + [radarhere] + * Turn off nullability warnings for macOS SDK #7827 [radarhere] + * Fix shift-sign issue in Convert.c #7838 [r-barnes, radarhere] + * Open 16-bit grayscale PNGs as I;16 #7849 [radarhere] + * Handle truncated chunks at the end of PNG images #7709 + [lajiyuan, radarhere] + * Match mask size to pasted image size in GifImagePlugin #7779 + [radarhere] + * Release GIL while calling WebPAnimDecoderGetNext #7782 + [evanmiller, radarhere] + * Fixed reading FLI/FLC images with a prefix chunk #7804 + [twolife] + * Update wl-paste handling and return None for some errors in + grabclipboard() on Linux #7745 [nik012003, radarhere] + * Remove execute bit from setup.py #7760 [hugovk] + * Do not support using test-image-results to upload images + after test failures #7739 [radarhere] + * Changed ImageMath.ops to be static #7721 [radarhere] + * Fix APNG info after seeking backwards more than twice #7701 + [esoma, radarhere] + * Deprecate ImageCms constants and versions() function #7702 + [nulano, radarhere] + * Added PerspectiveTransform #7699 [radarhere] + * Add support for reading and writing grayscale PFM images + #7696 [nulano, hugovk] + * Add LCMS2 flags to ImageCms #7676 [nulano, radarhere, hugovk] + * Rename x64 to AMD64 in winbuild #7693 [nulano] + ------------------------------------------------------------------- Mon Jan 22 06:00:50 UTC 2024 - Steve Kowalik diff --git a/python-Pillow.spec b/python-Pillow.spec index a66acbe..e0a15f0 100644 --- a/python-Pillow.spec +++ b/python-Pillow.spec @@ -18,7 +18,7 @@ %{?sle15_python_module_pythons} Name: python-Pillow -Version: 10.2.0 +Version: 10.3.0 Release: 0 Summary: Python Imaging Library (Fork) License: HPND