* CVE-2024-28219: Use strncpy to avoid buffer overflow #7928
[radarhere, hugovk]
* Deprecate eval(), replacing it with lambda_eval() and
unsafe_eval() #7927 [radarhere, hugovk]
* Raise ValueError if seeking to greater than offset-sized
integer in TIFF #7883 [radarhere]
* Add --report argument to __main__.py to omit supported
formats #7818 [nulano, radarhere, hugovk]
* Added RGB to I;16, I;16L, I;16B and I;16N conversion #7918,
#7920 [radarhere]
* Fix editable installation with custom build backend and
configuration options #7658 [nulano, radarhere]
* Fix putdata() for I;16N on big-endian #7209 [Yay295, hugovk,
radarhere]
* Determine MPO size from markers, not EXIF data #7884
[radarhere]
* Improved conversion from RGB to RGBa, LA and La #7888
[radarhere]
* Support FITS images with GZIP_1 compression #7894 [radarhere]
* Use I;16 mode for 9-bit JPEG 2000 images #7900 [scaramallion,
radarhere]
* Raise ValueError if kmeans is negative #7891 [radarhere]
* Remove TIFF tag OSUBFILETYPE when saving using libtiff #7893
[radarhere]
* Raise ValueError for negative values when loading P1-P3 PPM
images #7882 [radarhere]
* Added reading of JPEG2000 palettes #7870 [radarhere]
* Added alpha_quality argument when saving WebP images #7872
[radarhere]
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=152
* Add ``keep_rgb`` option when saving JPEG to prevent conversion of
RGB colorspace
* Trim glyph size in ImageFont.getmask()
* Deprecate IptcImagePlugin helpers
* Allow uncompressed TIFF images to be saved in chunks
* Concatenate multiple JPEG EXIF markers
* Changed IPTC tile tuple to match other plugins
* Do not assign new fp attribute when exiting context manager
* Support arbitrary masks for uncompressed RGB DDS images
* Support setting ROWSPERSTRIP tag
* Apply ImageFont.MAX_STRING_LENGTH to ImageFont.getmask()
* Optimise ``ImageColor`` using ``functools.lru_cache``
* Restricted environment keys for ImageMath.eval()
(CVE-2023-50447, bsc#1219048)
* Optimise ``ImageMode.getmode`` using ``functools.lru_cache``
* Fix incorrect color blending for overlapping glyphs
* Attempt memory mapping when tile args is a string
* Fill identical pixels with transparency in subsequent frames when
saving GIF
* Corrected duration when combining multiple GIF frames into single frame
* Handle disposing GIF background from outside palette
* Seek past the data when skipping a PSD layer
* Import plugins relative to the module
* Translate encoder error codes to strings; deprecate
``ImageFile.raise_oserror()``
* Support reading BC4U and DX10 BC1 images
* Optimize ImageStat.Stat.extrema
* Handle pathlib.Path in FreeTypeFont
* Added support for reading DX10 BC4 DDS images
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=150
* Added TrueType default font to allow for different sizes
* Fixed invalid argument warning #7442
* Added ImageOps cover method #7412
* Catch struct.error from truncated EXIF when reading JPEG DPI
* Consider default image when selecting mode for PNG save_all
* Support BGR;15, BGR;16 and BGR;24 access, unpacking and
putdata #7303
* Added CMYK to RGB unpacker #7310
* Improved flexibility of XMP parsing #7274
* Support reading 8-bit YCbCr TIFF images #7415
* Allow saving I;16B images as PNG #7302
* Corrected drawing I;16 points and writing I;16 text #7257
* Set blue channel to 128 for BC5S #7413
* Increase flexibility when reading IPTC fields #7319
* Set C palette to be empty by default #7289
* Added gs_binary to control Ghostscript use on all platforms
* Read bounding box information from the trailer of EPS files
if specified #7382
* Added reading 8-bit color DDS images #7426
* Added has_transparency_data #7420
* Fixed bug when reading BC5S DDS images #7401
* Prevent TIFF orientation from being applied more than once
* Use previous pixel alpha for QOI_OP_RGB #7357
* Added BC5U reading #7358
* Allow getpixel() to accept a list #7355
* Allow GaussianBlur and BoxBlur to accept a sequence of x and
y radii #7336
* Expand JPEG buffer size when saving optimized or progressive
* Added session type check for Linux in
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=148
- Update to 10.0.1
- Updated libwebp to 1.3.2 #7395 [radarhere]
- Updated zlib to 1.3 #7344 [radarhere]
- Changes from 10.0.0
- Fixed deallocating mask images #7246 [radarhere]
- Added ImageFont.MAX_STRING_LENGTH #7244 [radarhere, hugovk]
- Fix Windows build with pyproject.toml #7230 [hugovk, nulano, radarhere]
- Do not close provided file handles with libtiff #7199 [radarhere]
- Convert to HSV if mode is HSV in getcolor() #7226 [radarhere]
- Added alpha_only argument to getbbox() #7123 [radarhere. hugovk]
- Prioritise speed in _repr_png_ #7242 [radarhere]
- Do not use CFFI access by default on PyPy #7236 [radarhere]
- Limit size even if one dimension is zero in decompression bomb check #7235 [radarhere]
- Use --config-settings instead of deprecated --global-option #7171 [radarhere]
- Better C integer definitions #6645 [Yay295, hugovk]
- Fixed finding dependencies on Cygwin #7175 [radarhere]
- Changed grabclipboard() to use PNG instead of JPG compression on macOS #7219 [abey79, radarhere]
- Added in_place argument to ImageOps.exif_transpose() #7092 [radarhere]
- Fixed calling putpalette() on L and LA images before load() #7187 [radarhere]
- Fixed saving TIFF multiframe images with LONG8 tag types #7078 [radarhere]
- Fixed combining single duration across duplicate APNG frames #7146 [radarhere]
- Remove temporary file when error is raised #7148 [radarhere]
- Do not use temporary file when grabbing clipboard on Linux #7200 [radarhere]
- If the clipboard fails to open on Windows, wait and try again #7141 [radarhere]
- Fixed saving multiple 1 mode frames to GIF #7181 [radarhere]
- Replaced absolute PIL import with relative import #7173 [radarhere]
- Replaced deprecated Py_FileSystemDefaultEncoding for Python >= 3.12 #7192 [radarhere]
- Improved wl-paste mimetype handling in ImageGrab #7094 [rrcgat, radarhere]
- Added _repr_jpeg_() for IPython display_jpeg #7135 [n3011, radarhere, nulano]
- Use "/sbin/ldconfig" if ldconfig is not found #7068 [radarhere]
- Prefer screenshots using XCB over gnome-screenshot #7143 [nulano, radarhere]
- Fixed joined corners for ImageDraw rounded_rectangle() odd dimensions #7151 [radarhere]
- Support reading signed 8-bit TIFF images #7111 [radarhere]
- Added width argument to ImageDraw regular_polygon #7132 [radarhere]
- Support I mode for ImageFilter.BuiltinFilter #7108 [radarhere]
- Raise error from stderr of Linux ImageGrab.grabclipboard() command #7112 [radarhere]
- Added unpacker from I;16B to I;16 #7125 [radarhere]
- Support float font sizes #7107 [radarhere]
- Use later value for duplicate xref entries in PdfParser #7102 [radarhere]
- Load before getting size in __getstate__ #7105 [bigcat88, radarhere]
- Fixed type handling for include and lib directories #7069 [adisbladis, radarhere]
- Remove deprecations for Pillow 10.0.0 #7059, #7080 [hugovk, radarhere]
- Drop support for soon-EOL Python 3.7 #7058 [hugovk, radarhere]
OBS-URL: https://build.opensuse.org/request/show/1112102
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=144
* Added ImageSourceData to TAGS_V2 #7053
* Clear PPM half token after use #7052
* Removed absolute path to ldconfig #7044
* Support custom comments and PLT markers when saving JPEG2000
images #6903
* Load before getting size in __array_interface__ #7034
* Support creating BGR;15, BGR;16 and BGR;24 images, but drop
support for BGR;32 #7010
* Consider transparency when applying APNG blend mask #7018
* Round duration when saving animated WebP images #6996
* Added reading of JPEG2000 comments #6909
* Decrement reference count #7003
* Allow libtiff_support_custom_tags to be missing #7020
* Improved I;16N support #6834
* Added QOI reading #6852
* Added saving RGBA images as PDFs #6925
* Do not raise an error if os.environ does not contain PATH
* Close OleFileIO instance when closing or exiting FPX or MIC
* Added __int__ to IFDRational for Python >= 3.11 #6998
* Added memoryview support to Dib.frombytes() #6988
* Close file pointer copy in the libtiff encoder if still open
* Raise an error if ImageDraw co-ordinates are incorrectly
ordered #6978
* Added "corners" argument to ImageDraw rounded_rectangle()
* Added memoryview support to frombytes() #6974
* Allow comments in FITS images #6973
* Support saving PDF with different X and Y resolutions #6961
* [jvanderneutstulen, radarhere, hugovk]
* Fixed writing int as UNDEFINED tag #6950
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=138
- Prefer global transparency in GIF when replacing with background color #5756
- Added "exif" keyword argument to TIFF saving #5575
- Copy Python palette to new image in quantize() #5696
- Read ICO AND mask from end #5667
- Actually check the framesize in FliDecode.c #5659
- Determine JPEG2000 mode purely from ihdr header box #5654
- Fixed using info dictionary when writing multiple APNG frames #5611
- Allow saving 1 and L mode TIFF with PhotometricInterpretation 0 #5655
- For GIF save_all with palette, do not include palette with each frame #5603
- Keep transparency when converting from P to LA or PA #5606
- Copy palette to new image in transform() #5647
- Added "transparency" argument to EpsImagePlugin load() #5620
- Corrected pathlib.Path detection when saving #5633
- Added WalImageFile class #5618
- Consider I;16 pixel size when drawing text #5598
- If default conversion from P is RGB with transparency, convert to RGBA #5594
- Speed up rotating square images by 90 or 270 degrees #5646
- Add support for reading DPI information from JPEG2000 images
- Catch TypeError from corrupted DPI value in EXIF #5639
- Do not close file pointer when saving SGI images #5645
- Deprecate ImagePalette size parameter #5641
- Prefer command line tools SDK on macOS #5624
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=121
- Update to 8.1.1
Security
* CVE-2021-25289: The previous fix for CVE-2020-35654 was insufficent due to incorrect error checking in TiffDecode.c.
* CVE-2021-25290: In TiffDecode.c, there is a negative-offset memcpy with an invalid size
* CVE-2021-25291: In TiffDecode.c, invalid tile boundaries could lead to an OOB Read in TiffReadRGBATile
* CVE-2021-25292: The PDF parser has a catastrophic backtracking regex that could be used as a DOS attack.
* CVE-2021-25293: There is an Out of Bounds Read in SGIRleDecode.c, since pillow 4.3.0.
There is an Exhaustion of Memory DOS in the ICNS, ICO, and BLP container formats where Pillow
did not properly check the reported size of the contained image. These images could cause
arbitrariliy large memory allocations. This was reported by Jiayi Lin, Luke Shaffer, Xinran Xie,
and Akshay Ajayan of ASU.edu.
Other Changes
A crash with the feature flags for LibJpeg and Webp on unreleased Python 3.10 has been fixed
OBS-URL: https://build.opensuse.org/request/show/876407
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=111
* Fix TIFF OOB Write error. CVE-2020-35654
* Fix for Read Overflow in PCX Decoding. CVE-2020-35653
* Fix for SGI Decode buffer overrun. CVE-2020-35655
* Fix OOB Read when saving GIF of xsize=1
* Makefile updates
* Add support for PySide6
* Use disposal settings from previous frame in APNG
* Added exception explaining that _repr_png_ saves to PNG
* Use previous disposal method in GIF load_end
* Allow putpalette to accept 1024 integers to include alpha values
* Fix OOB Read when writing TIFF with custom Metadata
* Added append_images support for ICO
* Block TIFFTAG_SUBIFD
* Fixed dereferencing potential null pointers
* Deprecate FreeType 2.7
* Moved warning to end of execution
* Removed unused fromstring and tostring C methods
* init() if one of the formats is unrecognised
* Moved string_dimension CVE image to pillow-depends
* Support raw rgba8888 for DDS
- drop patches python-Pillow-tiff-4.2.0.patch
python-Pillow-tiff-fix-oob-read.patch (upstream)
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=108
* Python 2.7 support will be removed in Pillow 7.0.0 #3682 [hugovk]
* Add EXIF class #3625 [radarhere]
* Add ImageOps exif_transpose method #3687 [radarhere]
* Added warnings to deprecated CMSProfile attributes #3615 [hugovk]
* Documented reading TIFF multiframe images #3720 [akuchling]
* Improved speed of opening an MPO file #3658 [Glandos]
* Update palette in quantize #3721 [radarhere]
* Improvements to TIFF is_animated and n_frames #3714 [radarhere]
* Fixed incompatible pointer type warnings #3754 [radarhere]
* Improvements to PA and LA conversion and palette operations #3728 [radarhere]
* Consistent DPI rounding #3709 [radarhere]
* Change size of MPO image to match frame #3588 [radarhere]
* Read Photoshop resolution data #3701 [radarhere]
* Ensure image is mutable before saving #3724 [radarhere]
* Correct remap_palette documentation #3740 [radarhere]
* Promote P images to PA in putalpha #3726 [radarhere]
* Allow RGB and RGBA values for new P images #3719 [radarhere]
* Fixed TIFF bug when seeking backwards and then forwards #3713 [radarhere]
* Cache EXIF information #3498 [Glandos]
* Added transparency for all PNG greyscale modes #3744 [radarhere]
* Fix deprecation warnings in Python 3.8 #3749 [radarhere]
* Fixed GIF bug when rewinding to a non-zero frame #3716 [radarhere]
* Only close original fp in __del__ and __exit__ if original fp is exclusive #3683 [radarhere]
* Fix BytesWarning in Tests/test_numpy.py #3725 [jdufresne]
* Add missing MIME types and extensions #3520 [pirate486743186]
* Add I;16 PNG save #3566 [radarhere]
* Add support for BMP RGBA bitfield compression #3705 [radarhere]
* Added ability to set language for text rendering #3693 [iwsfutcmd]
* Only close exclusive fp on Image __exit__ #3698 [radarhere]
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=80
