* Update licence to MIT-CMU #8460
[hugovk]
* Conditionally define ImageCms type hint to avoid requiring core #8197
[radarhere]
* Support writing LONG8 offsets in AppendingTiffWriter #8417
[radarhere]
* Use ImageFile.MAXBLOCK when saving TIFF images #8461
[radarhere]
* Do not close provided file handles with libtiff when saving #8458
[radarhere]
* Support ImageFilter.BuiltinFilter for I;16* images #8438
[radarhere]
* Use ImagingCore.ptr instead of ImagingCore.id #8341
[homm, radarhere, hugovk]
* Updated EPS mode when opening images without transparency #8281
[Yay295, radarhere]
* Use transparency when combining P frames from APNGs #8443
[radarhere]
* Support all resampling filters when resizing I;16* images #8422
[radarhere]
* Free memory on early return #8413
[radarhere]
* Cast int before potentially exceeding INT_MAX #8402
[radarhere]
* Check image value before use #8400
[radarhere]
* Improved copying imagequant libraries #8420
[radarhere]
* Use Capsule for WebP saving #8386
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=158
- Update to 10.4.0
* Raise FileNotFoundError if show_file() path does not exist #8178
[radarhere]
* Improved reading 16-bit TGA images with colour #7965
[Yay295, radarhere]
* Deprecate non-image ImageCms modes #8031
[radarhere]
* Fixed processing multiple JPEG EXIF markers #8127
[radarhere]
* Do not preserve EXIFIFD tag by default when saving TIFF images #8110
[radarhere]
* Added ImageFont.load_default_imagefont() #8086
[radarhere]
* Added Image.WARN_POSSIBLE_FORMATS #8063
[radarhere]
* Remove zero-byte end padding when parsing any XMP data #8171
[radarhere]
* Do not detect Ultra HDR images as MPO #8056
[radarhere]
* Raise SyntaxError specific to JP2 #8146
[Yay295, radarhere]
* Do not use first frame duration for other frames when saving APNG images #8104
[radarhere]
* Consider I;16 pixel size when using a 1 mode mask #8112
[radarhere]
* When saving multiple PNG frames, convert to mode rather than raw mode #8087
[radarhere]
* Added byte support to FreeTypeFont #8141
[radarhere]
* Allow float center for rotate operations #8114
OBS-URL: https://build.opensuse.org/request/show/1189031
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=156
- update to 10.3.0 (bsc#1222262, CVE-2024-28219):
* CVE-2024-28219: Use strncpy to avoid buffer overflow #7928
[radarhere, hugovk]
* Deprecate eval(), replacing it with lambda_eval() and
unsafe_eval() #7927 [radarhere, hugovk]
* Raise ValueError if seeking to greater than offset-sized
integer in TIFF #7883 [radarhere]
* Add --report argument to __main__.py to omit supported
formats #7818 [nulano, radarhere, hugovk]
* Added RGB to I;16, I;16L, I;16B and I;16N conversion #7918,
#7920 [radarhere]
* Fix editable installation with custom build backend and
configuration options #7658 [nulano, radarhere]
* Fix putdata() for I;16N on big-endian #7209 [Yay295, hugovk,
radarhere]
* Determine MPO size from markers, not EXIF data #7884
[radarhere]
* Improved conversion from RGB to RGBa, LA and La #7888
[radarhere]
* Support FITS images with GZIP_1 compression #7894 [radarhere]
* Use I;16 mode for 9-bit JPEG 2000 images #7900 [scaramallion,
radarhere]
* Raise ValueError if kmeans is negative #7891 [radarhere]
* Remove TIFF tag OSUBFILETYPE when saving using libtiff #7893
[radarhere]
* Raise ValueError for negative values when loading P1-P3 PPM
images #7882 [radarhere]
* Added reading of JPEG2000 palettes #7870 [radarhere]
* Added alpha_quality argument when saving WebP images #7872
[radarhere]
OBS-URL: https://build.opensuse.org/request/show/1164299
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Pillow?expand=0&rev=66
* CVE-2024-28219: Use strncpy to avoid buffer overflow #7928
[radarhere, hugovk]
* Deprecate eval(), replacing it with lambda_eval() and
unsafe_eval() #7927 [radarhere, hugovk]
* Raise ValueError if seeking to greater than offset-sized
integer in TIFF #7883 [radarhere]
* Add --report argument to __main__.py to omit supported
formats #7818 [nulano, radarhere, hugovk]
* Added RGB to I;16, I;16L, I;16B and I;16N conversion #7918,
#7920 [radarhere]
* Fix editable installation with custom build backend and
configuration options #7658 [nulano, radarhere]
* Fix putdata() for I;16N on big-endian #7209 [Yay295, hugovk,
radarhere]
* Determine MPO size from markers, not EXIF data #7884
[radarhere]
* Improved conversion from RGB to RGBa, LA and La #7888
[radarhere]
* Support FITS images with GZIP_1 compression #7894 [radarhere]
* Use I;16 mode for 9-bit JPEG 2000 images #7900 [scaramallion,
radarhere]
* Raise ValueError if kmeans is negative #7891 [radarhere]
* Remove TIFF tag OSUBFILETYPE when saving using libtiff #7893
[radarhere]
* Raise ValueError for negative values when loading P1-P3 PPM
images #7882 [radarhere]
* Added reading of JPEG2000 palettes #7870 [radarhere]
* Added alpha_quality argument when saving WebP images #7872
[radarhere]
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=152
- Update to 10.2.0:
* Add ``keep_rgb`` option when saving JPEG to prevent conversion of
RGB colorspace
* Trim glyph size in ImageFont.getmask()
* Deprecate IptcImagePlugin helpers
* Allow uncompressed TIFF images to be saved in chunks
* Concatenate multiple JPEG EXIF markers
* Changed IPTC tile tuple to match other plugins
* Do not assign new fp attribute when exiting context manager
* Support arbitrary masks for uncompressed RGB DDS images
* Support setting ROWSPERSTRIP tag
* Apply ImageFont.MAX_STRING_LENGTH to ImageFont.getmask()
* Optimise ``ImageColor`` using ``functools.lru_cache``
* Restricted environment keys for ImageMath.eval()
(CVE-2023-50447, bsc#1219048)
* Optimise ``ImageMode.getmode`` using ``functools.lru_cache``
* Fix incorrect color blending for overlapping glyphs
* Attempt memory mapping when tile args is a string
* Fill identical pixels with transparency in subsequent frames when
saving GIF
* Corrected duration when combining multiple GIF frames into single frame
* Handle disposing GIF background from outside palette
* Seek past the data when skipping a PSD layer
* Import plugins relative to the module
* Translate encoder error codes to strings; deprecate
``ImageFile.raise_oserror()``
* Support reading BC4U and DX10 BC1 images
* Optimize ImageStat.Stat.extrema
* Handle pathlib.Path in FreeTypeFont
* Added support for reading DX10 BC4 DDS images
OBS-URL: https://build.opensuse.org/request/show/1140356
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Pillow?expand=0&rev=65
* Add ``keep_rgb`` option when saving JPEG to prevent conversion of
RGB colorspace
* Trim glyph size in ImageFont.getmask()
* Deprecate IptcImagePlugin helpers
* Allow uncompressed TIFF images to be saved in chunks
* Concatenate multiple JPEG EXIF markers
* Changed IPTC tile tuple to match other plugins
* Do not assign new fp attribute when exiting context manager
* Support arbitrary masks for uncompressed RGB DDS images
* Support setting ROWSPERSTRIP tag
* Apply ImageFont.MAX_STRING_LENGTH to ImageFont.getmask()
* Optimise ``ImageColor`` using ``functools.lru_cache``
* Restricted environment keys for ImageMath.eval()
(CVE-2023-50447, bsc#1219048)
* Optimise ``ImageMode.getmode`` using ``functools.lru_cache``
* Fix incorrect color blending for overlapping glyphs
* Attempt memory mapping when tile args is a string
* Fill identical pixels with transparency in subsequent frames when
saving GIF
* Corrected duration when combining multiple GIF frames into single frame
* Handle disposing GIF background from outside palette
* Seek past the data when skipping a PSD layer
* Import plugins relative to the module
* Translate encoder error codes to strings; deprecate
``ImageFile.raise_oserror()``
* Support reading BC4U and DX10 BC1 images
* Optimize ImageStat.Stat.extrema
* Handle pathlib.Path in FreeTypeFont
* Added support for reading DX10 BC4 DDS images
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=150
- update to 10.1.0:
* Added TrueType default font to allow for different sizes
* Fixed invalid argument warning #7442
* Added ImageOps cover method #7412
* Catch struct.error from truncated EXIF when reading JPEG DPI
* Consider default image when selecting mode for PNG save_all
* Support BGR;15, BGR;16 and BGR;24 access, unpacking and
putdata #7303
* Added CMYK to RGB unpacker #7310
* Improved flexibility of XMP parsing #7274
* Support reading 8-bit YCbCr TIFF images #7415
* Allow saving I;16B images as PNG #7302
* Corrected drawing I;16 points and writing I;16 text #7257
* Set blue channel to 128 for BC5S #7413
* Increase flexibility when reading IPTC fields #7319
* Set C palette to be empty by default #7289
* Added gs_binary to control Ghostscript use on all platforms
* Read bounding box information from the trailer of EPS files
if specified #7382
* Added reading 8-bit color DDS images #7426
* Added has_transparency_data #7420
* Fixed bug when reading BC5S DDS images #7401
* Prevent TIFF orientation from being applied more than once
* Use previous pixel alpha for QOI_OP_RGB #7357
* Added BC5U reading #7358
* Allow getpixel() to accept a list #7355
* Allow GaussianBlur and BoxBlur to accept a sequence of x and
y radii #7336
* Expand JPEG buffer size when saving optimized or progressive
* Added session type check for Linux in
OBS-URL: https://build.opensuse.org/request/show/1129060
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Pillow?expand=0&rev=64
* Added TrueType default font to allow for different sizes
* Fixed invalid argument warning #7442
* Added ImageOps cover method #7412
* Catch struct.error from truncated EXIF when reading JPEG DPI
* Consider default image when selecting mode for PNG save_all
* Support BGR;15, BGR;16 and BGR;24 access, unpacking and
putdata #7303
* Added CMYK to RGB unpacker #7310
* Improved flexibility of XMP parsing #7274
* Support reading 8-bit YCbCr TIFF images #7415
* Allow saving I;16B images as PNG #7302
* Corrected drawing I;16 points and writing I;16 text #7257
* Set blue channel to 128 for BC5S #7413
* Increase flexibility when reading IPTC fields #7319
* Set C palette to be empty by default #7289
* Added gs_binary to control Ghostscript use on all platforms
* Read bounding box information from the trailer of EPS files
if specified #7382
* Added reading 8-bit color DDS images #7426
* Added has_transparency_data #7420
* Fixed bug when reading BC5S DDS images #7401
* Prevent TIFF orientation from being applied more than once
* Use previous pixel alpha for QOI_OP_RGB #7357
* Added BC5U reading #7358
* Allow getpixel() to accept a list #7355
* Allow GaussianBlur and BoxBlur to accept a sequence of x and
y radii #7336
* Expand JPEG buffer size when saving optimized or progressive
* Added session type check for Linux in
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=148
- Update to 10.0.1
- Updated libwebp to 1.3.2 #7395 [radarhere]
- Updated zlib to 1.3 #7344 [radarhere]
- Changes from 10.0.0
- Fixed deallocating mask images #7246 [radarhere]
- Added ImageFont.MAX_STRING_LENGTH #7244 [radarhere, hugovk]
- Fix Windows build with pyproject.toml #7230 [hugovk, nulano, radarhere]
- Do not close provided file handles with libtiff #7199 [radarhere]
- Convert to HSV if mode is HSV in getcolor() #7226 [radarhere]
- Added alpha_only argument to getbbox() #7123 [radarhere. hugovk]
- Prioritise speed in _repr_png_ #7242 [radarhere]
- Do not use CFFI access by default on PyPy #7236 [radarhere]
- Limit size even if one dimension is zero in decompression bomb check #7235 [radarhere]
- Use --config-settings instead of deprecated --global-option #7171 [radarhere]
- Better C integer definitions #6645 [Yay295, hugovk]
- Fixed finding dependencies on Cygwin #7175 [radarhere]
- Changed grabclipboard() to use PNG instead of JPG compression on macOS #7219 [abey79, radarhere]
- Added in_place argument to ImageOps.exif_transpose() #7092 [radarhere]
- Fixed calling putpalette() on L and LA images before load() #7187 [radarhere]
- Fixed saving TIFF multiframe images with LONG8 tag types #7078 [radarhere]
- Fixed combining single duration across duplicate APNG frames #7146 [radarhere]
- Remove temporary file when error is raised #7148 [radarhere]
- Do not use temporary file when grabbing clipboard on Linux #7200 [radarhere]
- If the clipboard fails to open on Windows, wait and try again #7141 [radarhere]
- Fixed saving multiple 1 mode frames to GIF #7181 [radarhere]
- Replaced absolute PIL import with relative import #7173 [radarhere]
- Replaced deprecated Py_FileSystemDefaultEncoding for Python >= 3.12 #7192 [radarhere]
- Improved wl-paste mimetype handling in ImageGrab #7094 [rrcgat, radarhere]
- Added _repr_jpeg_() for IPython display_jpeg #7135 [n3011, radarhere, nulano]
- Use "/sbin/ldconfig" if ldconfig is not found #7068 [radarhere]
- Prefer screenshots using XCB over gnome-screenshot #7143 [nulano, radarhere]
- Fixed joined corners for ImageDraw rounded_rectangle() odd dimensions #7151 [radarhere]
- Support reading signed 8-bit TIFF images #7111 [radarhere]
- Added width argument to ImageDraw regular_polygon #7132 [radarhere]
- Support I mode for ImageFilter.BuiltinFilter #7108 [radarhere]
- Raise error from stderr of Linux ImageGrab.grabclipboard() command #7112 [radarhere]
- Added unpacker from I;16B to I;16 #7125 [radarhere]
- Support float font sizes #7107 [radarhere]
- Use later value for duplicate xref entries in PdfParser #7102 [radarhere]
- Load before getting size in __getstate__ #7105 [bigcat88, radarhere]
- Fixed type handling for include and lib directories #7069 [adisbladis, radarhere]
- Remove deprecations for Pillow 10.0.0 #7059, #7080 [hugovk, radarhere]
- Drop support for soon-EOL Python 3.7 #7058 [hugovk, radarhere]
OBS-URL: https://build.opensuse.org/request/show/1112102
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=144
- update to 9.5.0:
* Added ImageSourceData to TAGS_V2 #7053
* Clear PPM half token after use #7052
* Removed absolute path to ldconfig #7044
* Support custom comments and PLT markers when saving JPEG2000
images #6903
* Load before getting size in __array_interface__ #7034
* Support creating BGR;15, BGR;16 and BGR;24 images, but drop
support for BGR;32 #7010
* Consider transparency when applying APNG blend mask #7018
* Round duration when saving animated WebP images #6996
* Added reading of JPEG2000 comments #6909
* Decrement reference count #7003
* Allow libtiff_support_custom_tags to be missing #7020
* Improved I;16N support #6834
* Added QOI reading #6852
* Added saving RGBA images as PDFs #6925
* Do not raise an error if os.environ does not contain PATH
* Close OleFileIO instance when closing or exiting FPX or MIC
* Added __int__ to IFDRational for Python >= 3.11 #6998
* Added memoryview support to Dib.frombytes() #6988
* Close file pointer copy in the libtiff encoder if still open
* Raise an error if ImageDraw co-ordinates are incorrectly
ordered #6978
* Added "corners" argument to ImageDraw rounded_rectangle()
* Added memoryview support to frombytes() #6974
* Allow comments in FITS images #6973
* Support saving PDF with different X and Y resolutions #6961
* [jvanderneutstulen, radarhere, hugovk]
* Fixed writing int as UNDEFINED tag #6950
OBS-URL: https://build.opensuse.org/request/show/1077061
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Pillow?expand=0&rev=59
* Added ImageSourceData to TAGS_V2 #7053
* Clear PPM half token after use #7052
* Removed absolute path to ldconfig #7044
* Support custom comments and PLT markers when saving JPEG2000
images #6903
* Load before getting size in __array_interface__ #7034
* Support creating BGR;15, BGR;16 and BGR;24 images, but drop
support for BGR;32 #7010
* Consider transparency when applying APNG blend mask #7018
* Round duration when saving animated WebP images #6996
* Added reading of JPEG2000 comments #6909
* Decrement reference count #7003
* Allow libtiff_support_custom_tags to be missing #7020
* Improved I;16N support #6834
* Added QOI reading #6852
* Added saving RGBA images as PDFs #6925
* Do not raise an error if os.environ does not contain PATH
* Close OleFileIO instance when closing or exiting FPX or MIC
* Added __int__ to IFDRational for Python >= 3.11 #6998
* Added memoryview support to Dib.frombytes() #6988
* Close file pointer copy in the libtiff encoder if still open
* Raise an error if ImageDraw co-ordinates are incorrectly
ordered #6978
* Added "corners" argument to ImageDraw rounded_rectangle()
* Added memoryview support to frombytes() #6974
* Allow comments in FITS images #6973
* Support saving PDF with different X and Y resolutions #6961
* [jvanderneutstulen, radarhere, hugovk]
* Fixed writing int as UNDEFINED tag #6950
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=138
- update to 9.1.0:
* Fix loading FriBiDi on Alpine #6165
* Added setting for converting GIF P frames to RGB #6150
* Allow 1 mode images to be inverted #6034
* Raise ValueError when trying to save empty JPEG #6159
* Always save TIFF with contiguous planar configuration #5973
* Connected discontiguous polygon corners #5980
* Ensure Tkinter hook is activated for getimage() #6032
* Use screencapture arguments to crop on macOS #6152
* Do not mark L mode JPEG as 1 bit in PDF #6151
* Added support for reading I;16R TIFF images #6132
* If an error occurs after creating a file, remove the file #6134
* Fixed calling DisplayViewer or XVViewer without a title #6136
* Retain RGBA transparency when saving multiple GIF frames #6128
* Save additional ICO frames with other bit depths if supplied #6122
* Handle EXIF data truncated to just the header #6124
* Added support for reading BMP images with RLE8 compression #6102
* Support Python distributions where _tkinter is compiled in #6006
* Added support for PPM arbitrary maxval #6119
* Added BigTIFF reading #6097
* When converting, clip I;16 to be unsigned, not signed #6112
* Fixed loading L mode GIF with transparency #6086
* Improved handling of PPM header #5121
* Reset size when seeking away from "Large Thumbnail" MPO frame #6101
* Replace requirements.txt with extras #6072
* Added PyEncoder and support BLP saving #6069
* Handle TGA images with packets that cross scan lines #6087
* Added FITS reading #6056
* Added rawmode argument to Image.getpalette() #6061
* Fixed BUFR, GRIB and HDF5 stub saving #6071
OBS-URL: https://build.opensuse.org/request/show/967882
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Pillow?expand=0&rev=53
- update to 8.4.0:
- Prefer global transparency in GIF when replacing with background color #5756
- Added "exif" keyword argument to TIFF saving #5575
- Copy Python palette to new image in quantize() #5696
- Read ICO AND mask from end #5667
- Actually check the framesize in FliDecode.c #5659
- Determine JPEG2000 mode purely from ihdr header box #5654
- Fixed using info dictionary when writing multiple APNG frames #5611
- Allow saving 1 and L mode TIFF with PhotometricInterpretation 0 #5655
- For GIF save_all with palette, do not include palette with each frame #5603
- Keep transparency when converting from P to LA or PA #5606
- Copy palette to new image in transform() #5647
- Added "transparency" argument to EpsImagePlugin load() #5620
- Corrected pathlib.Path detection when saving #5633
- Added WalImageFile class #5618
- Consider I;16 pixel size when drawing text #5598
- If default conversion from P is RGB with transparency, convert to RGBA #5594
- Speed up rotating square images by 90 or 270 degrees #5646
- Add support for reading DPI information from JPEG2000 images
- Catch TypeError from corrupted DPI value in EXIF #5639
- Do not close file pointer when saving SGI images #5645
- Deprecate ImagePalette size parameter #5641
- Prefer command line tools SDK on macOS #5624
OBS-URL: https://build.opensuse.org/request/show/928313
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Pillow?expand=0&rev=51
- Prefer global transparency in GIF when replacing with background color #5756
- Added "exif" keyword argument to TIFF saving #5575
- Copy Python palette to new image in quantize() #5696
- Read ICO AND mask from end #5667
- Actually check the framesize in FliDecode.c #5659
- Determine JPEG2000 mode purely from ihdr header box #5654
- Fixed using info dictionary when writing multiple APNG frames #5611
- Allow saving 1 and L mode TIFF with PhotometricInterpretation 0 #5655
- For GIF save_all with palette, do not include palette with each frame #5603
- Keep transparency when converting from P to LA or PA #5606
- Copy palette to new image in transform() #5647
- Added "transparency" argument to EpsImagePlugin load() #5620
- Corrected pathlib.Path detection when saving #5633
- Added WalImageFile class #5618
- Consider I;16 pixel size when drawing text #5598
- If default conversion from P is RGB with transparency, convert to RGBA #5594
- Speed up rotating square images by 90 or 270 degrees #5646
- Add support for reading DPI information from JPEG2000 images
- Catch TypeError from corrupted DPI value in EXIF #5639
- Do not close file pointer when saving SGI images #5645
- Deprecate ImagePalette size parameter #5641
- Prefer command line tools SDK on macOS #5624
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=121
- update to 8.1.2:
- Fix Memory DOS in BLP (CVE-2021-27921), ICNS (CVE-2021-27922) and ICO (CVE-2021-27923) Image Plugins
- Update to 8.1.1
Security
* CVE-2021-25289: The previous fix for CVE-2020-35654 was insufficent due to incorrect error checking in TiffDecode.c.
* CVE-2021-25290: In TiffDecode.c, there is a negative-offset memcpy with an invalid size
* CVE-2021-25291: In TiffDecode.c, invalid tile boundaries could lead to an OOB Read in TiffReadRGBATile
* CVE-2021-25292: The PDF parser has a catastrophic backtracking regex that could be used as a DOS attack.
* CVE-2021-25293: There is an Out of Bounds Read in SGIRleDecode.c, since pillow 4.3.0.
There is an Exhaustion of Memory DOS in the ICNS, ICO, and BLP container formats where Pillow
did not properly check the reported size of the contained image. These images could cause
arbitrariliy large memory allocations. This was reported by Jiayi Lin, Luke Shaffer, Xinran Xie,
and Akshay Ajayan of ASU.edu.
Other Changes
A crash with the feature flags for LibJpeg and Webp on unreleased Python 3.10 has been fixed
OBS-URL: https://build.opensuse.org/request/show/877608
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Pillow?expand=0&rev=46
- Update to 8.1.1
Security
* CVE-2021-25289: The previous fix for CVE-2020-35654 was insufficent due to incorrect error checking in TiffDecode.c.
* CVE-2021-25290: In TiffDecode.c, there is a negative-offset memcpy with an invalid size
* CVE-2021-25291: In TiffDecode.c, invalid tile boundaries could lead to an OOB Read in TiffReadRGBATile
* CVE-2021-25292: The PDF parser has a catastrophic backtracking regex that could be used as a DOS attack.
* CVE-2021-25293: There is an Out of Bounds Read in SGIRleDecode.c, since pillow 4.3.0.
There is an Exhaustion of Memory DOS in the ICNS, ICO, and BLP container formats where Pillow
did not properly check the reported size of the contained image. These images could cause
arbitrariliy large memory allocations. This was reported by Jiayi Lin, Luke Shaffer, Xinran Xie,
and Akshay Ajayan of ASU.edu.
Other Changes
A crash with the feature flags for LibJpeg and Webp on unreleased Python 3.10 has been fixed
OBS-URL: https://build.opensuse.org/request/show/876407
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=111
* Fix TIFF OOB Write error. CVE-2020-35654
* Fix for Read Overflow in PCX Decoding. CVE-2020-35653
* Fix for SGI Decode buffer overrun. CVE-2020-35655
* Fix OOB Read when saving GIF of xsize=1
* Makefile updates
* Add support for PySide6
* Use disposal settings from previous frame in APNG
* Added exception explaining that _repr_png_ saves to PNG
* Use previous disposal method in GIF load_end
* Allow putpalette to accept 1024 integers to include alpha values
* Fix OOB Read when writing TIFF with custom Metadata
* Added append_images support for ICO
* Block TIFFTAG_SUBIFD
* Fixed dereferencing potential null pointers
* Deprecate FreeType 2.7
* Moved warning to end of execution
* Removed unused fromstring and tostring C methods
* init() if one of the formats is unrecognised
* Moved string_dimension CVE image to pillow-depends
* Support raw rgba8888 for DDS
- drop patches python-Pillow-tiff-4.2.0.patch
python-Pillow-tiff-fix-oob-read.patch (upstream)
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=108
- Update to 7.1.2:
* This fixes a regression introduced in 7.1.0 when adding support
for APNG files.
* When calling seek(n) on a regular PNG where n > 0, it failed to
raise an EOFError as it should have done
- update to version 7.1.1:
* Fix regression seeking and telling PNGs #4512#4514 [hugovk,
radarhere]
- changes from version 7.1.0:
* Fix multiple OOB reads in FLI decoding #4503 [wiredfool]
* Fix buffer overflow in SGI-RLE decoding #4504 [wiredfool, hugovk]
* Fix bounds overflow in JPEG 2000 decoding #4505 [wiredfool]
* Fix bounds overflow in PCX decoding #4506 [wiredfool]
* Fix 2 buffer overflows in TIFF decoding #4507 [wiredfool]
* Add APNG support #4243 [pmrowla, radarhere, hugovk]
* ImageGrab.grab() for Linux with XCB #4260 [nulano, radarhere]
* Added three new channel operations #4230 [dwastberg, radarhere]
* Prevent masking of Image reduce method in Jpeg2KImagePlugin #4474
[radarhere, homm]
* Added reading of earlier ImageMagick PNG EXIF data #4471
[radarhere]
* Fixed endian handling for I;16 getextrema #4457 [radarhere]
* Release buffer if function returns prematurely #4381 [radarhere]
* Add JPEG comment to info dictionary #4455 [radarhere]
* Fix size calculation of Image.thumbnail() #4404 [orlnub123]
* Fixed stroke on FreeType < 2.9 #4401 [radarhere]
* If present, only use alpha channel for bounding box #4454
[radarhere]
* Warn if an unknown feature is passed to features.check() #4438
OBS-URL: https://build.opensuse.org/request/show/799155
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Pillow?expand=0&rev=38
- Update to 6.0.0:
* Python 2.7 support will be removed in Pillow 7.0.0 #3682 [hugovk]
* Add EXIF class #3625 [radarhere]
* Add ImageOps exif_transpose method #3687 [radarhere]
* Added warnings to deprecated CMSProfile attributes #3615 [hugovk]
* Documented reading TIFF multiframe images #3720 [akuchling]
* Improved speed of opening an MPO file #3658 [Glandos]
* Update palette in quantize #3721 [radarhere]
* Improvements to TIFF is_animated and n_frames #3714 [radarhere]
* Fixed incompatible pointer type warnings #3754 [radarhere]
* Improvements to PA and LA conversion and palette operations #3728 [radarhere]
* Consistent DPI rounding #3709 [radarhere]
* Change size of MPO image to match frame #3588 [radarhere]
* Read Photoshop resolution data #3701 [radarhere]
* Ensure image is mutable before saving #3724 [radarhere]
* Correct remap_palette documentation #3740 [radarhere]
* Promote P images to PA in putalpha #3726 [radarhere]
* Allow RGB and RGBA values for new P images #3719 [radarhere]
* Fixed TIFF bug when seeking backwards and then forwards #3713 [radarhere]
* Cache EXIF information #3498 [Glandos]
* Added transparency for all PNG greyscale modes #3744 [radarhere]
* Fix deprecation warnings in Python 3.8 #3749 [radarhere]
* Fixed GIF bug when rewinding to a non-zero frame #3716 [radarhere]
* Only close original fp in __del__ and __exit__ if original fp is exclusive #3683 [radarhere]
* Fix BytesWarning in Tests/test_numpy.py #3725 [jdufresne]
* Add missing MIME types and extensions #3520 [pirate486743186]
* Add I;16 PNG save #3566 [radarhere]
* Add support for BMP RGBA bitfield compression #3705 [radarhere]
* Added ability to set language for text rendering #3693 [iwsfutcmd]
* Only close exclusive fp on Image __exit__ #3698 [radarhere]
OBS-URL: https://build.opensuse.org/request/show/691779
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Pillow?expand=0&rev=34
* Python 2.7 support will be removed in Pillow 7.0.0 #3682 [hugovk]
* Add EXIF class #3625 [radarhere]
* Add ImageOps exif_transpose method #3687 [radarhere]
* Added warnings to deprecated CMSProfile attributes #3615 [hugovk]
* Documented reading TIFF multiframe images #3720 [akuchling]
* Improved speed of opening an MPO file #3658 [Glandos]
* Update palette in quantize #3721 [radarhere]
* Improvements to TIFF is_animated and n_frames #3714 [radarhere]
* Fixed incompatible pointer type warnings #3754 [radarhere]
* Improvements to PA and LA conversion and palette operations #3728 [radarhere]
* Consistent DPI rounding #3709 [radarhere]
* Change size of MPO image to match frame #3588 [radarhere]
* Read Photoshop resolution data #3701 [radarhere]
* Ensure image is mutable before saving #3724 [radarhere]
* Correct remap_palette documentation #3740 [radarhere]
* Promote P images to PA in putalpha #3726 [radarhere]
* Allow RGB and RGBA values for new P images #3719 [radarhere]
* Fixed TIFF bug when seeking backwards and then forwards #3713 [radarhere]
* Cache EXIF information #3498 [Glandos]
* Added transparency for all PNG greyscale modes #3744 [radarhere]
* Fix deprecation warnings in Python 3.8 #3749 [radarhere]
* Fixed GIF bug when rewinding to a non-zero frame #3716 [radarhere]
* Only close original fp in __del__ and __exit__ if original fp is exclusive #3683 [radarhere]
* Fix BytesWarning in Tests/test_numpy.py #3725 [jdufresne]
* Add missing MIME types and extensions #3520 [pirate486743186]
* Add I;16 PNG save #3566 [radarhere]
* Add support for BMP RGBA bitfield compression #3705 [radarhere]
* Added ability to set language for text rendering #3693 [iwsfutcmd]
* Only close exclusive fp on Image __exit__ #3698 [radarhere]
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=80
- Version update to 5.0.0:
* Docs: Added docstrings from documentation #2914 [radarhere]
* Test: Switch from nose to pytest #2815 [hugovk]
* Rework Source directory layout, preventing accidental import of PIL. #2911 [wiredfool]
* Dynamically link libraqm #2753 [wiredfool]
* Removed scripts directory #2901 [wiredfool]
* TIFF: Run all compressed tiffs through libtiff decoder #2899 [wiredfool]
* GIF: Add disposal option when saving GIFs #2902 [linnil1, wiredfool]
* EPS: Allow for an empty line in EPS header data #2903 [radarhere]
* PNG: Add support for sRGB and cHRM chunks, permit sRGB when no iCCP chunk present #2898 [wiredfool]
* Dependencies: Update Tk Tcl to 8.6.8 #2905 [radarhere]
* Decompression bomb error now raised for images 2x larger than a decompression bomb warning #2583 [wiredfool]
* Test: avoid random failure in test_effect_noise #2894 [hugovk]
* Increased epsilon for test_file_eps.py:test_showpage due to Arch update. #2896 [wiredfool]
* Removed check parameter from _save in BmpImagePlugin, PngImagePlugin, ImImagePlugin, PalmImagePlugin, and PcxImagePlugin. #2873 [radarhere]
* Make PngImagePlugin.add_text() zip argument type bool #2890 [jdufresne]
* Depends: Updated libwebp to 0.6.1 #2880 [radarhere]
* Remove unnecessary bool() calls in Image.registered_extensions and skipKnownBadTests #2891 [jdufresne]
* Fix count of BITSPERSAMPLE items in broken TIFF files #2883 [homm]
* Fillcolor parameter for Image.Transform #2852 [wiredfool]
* Test: Display differences for test failures #2862 [wiredfool]
* Added executable flag to file with shebang line #2884 [radarhere]
* Setup: Specify compatible Python versions for pip #2877 [hugovk]
* Dependencies: Updated libimagequant to 2.11.4 #2878 [radarhere]
* Setup: Warn if trying to install for Py3.7 on Windows #2855 [hugovk]
* Doc: Fonts can be loaded from a file-like object, not just filename #2861 [robin-norwood]
* Add eog support for Ubuntu Image Viewer #2864 [NafisFaysal]
* Test: Test on 3.7-dev on Travis.ci #2870 [hugovk]
* Dependencies: Update libtiff to 4.0.9 #2871 [radarhere]
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=65
- update to 4.2.1:
- CI: Fix version specification and test on CI for PyPy/Windows #2608
- Doc: Clarified Image.save:append_images documentation #2604
- CI: Amazon Linux and Centos6 docker images added to TravisCI #2585
- Image.alpha_composite added #2595
- Complex Text Support #2576
- Added threshold parameter to ImageDraw.floodfill #2599
- Added dBATCH parameter to ghostscript command #2588
- JPEG: Adjust buffer size when icc_profile > MAXBLOCK #2596
- Specify Pillow Version in one place #2517
- CI: Change the owner of the TRAVIS_BUILD_DIR, fixing broken docker runs #2587
- Fix truncated PNG loading for some images, Fix memory leak on truncated PNG images. #2541, #2598
- Add decompression bomb check to Image.crop #2410
- ImageFile: Ensure that the `err_code` variable is initialized in case of exception. #2363
- Tiff: Support append_images for saving multipage TIFFs #2406
- Doc: Clarify that draft is only implemented for JPEG and PCD #2409
- Test: MicImagePlugin #2447
- Use round() instead of floor() to eliminate zero coefficients in resample #2558
- Remove deprecated code #2549
- Added append_images to PDF saving #2526
- Remove unused function core image function new_array #2548
- Remove unnecessary calls to dict.keys() #2551
- Add more ImageDraw.py tests and remove unused Draw.c code #2533
- Test: More tests for ImageMorph #2554
- Test: McIDAS area file #2552
- Update Feature Detection #2520
- CI: Update pypy on TravisCI #2573
- ImageMorph: Fix wrong expected size of MRLs read from disk #2561
- Docs: Update install docs for FreeBSD #2546
- Build: Ignore OpenJpeg 1.5 on FreeBSD #2544
OBS-URL: https://build.opensuse.org/request/show/517892
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=62
- fix wrong macro name in %post - it's %{py_ver}, not %{py-ver}
With the wrong name, the macro wasn't expanded, which lead to funny messages when installing the package:
(10/15) Installation von: python-Pillow-3.0.0-1.1 .....................................................................................................................................................................................................................[fertig]
Zusätzliche rpm-Ausgabe:
update-alternatives: using /usr/bin/pilconvert-2.7 to provide /usr/bin/pilconvert (pilconvert) in auto mode
update-alternatives: warning: skip creation of /usr/bin/createfontdatachunk because associated file /usr/bin/createfontdatachunk-%{py-ver} (of link group pilconvert) doesn't exist
update-alternatives: warning: skip creation of /usr/bin/enhancer because associated file /usr/bin/enhancer-%{py-ver} (of link group pilconvert) doesn't exist
update-alternatives: warning: skip creation of /usr/bin/explode because associated file /usr/bin/explode-%{py-ver} (of link group pilconvert) doesn't exist
update-alternatives: warning: skip creation of /usr/bin/gifmaker because associated file /usr/bin/gifmaker-%{py-ver} (of link group pilconvert) doesn't exist
update-alternatives: warning: skip creation of /usr/bin/painter because associated file /usr/bin/painter-%{py-ver} (of link group pilconvert) doesn't exist
update-alternatives: warning: skip creation of /usr/bin/player because associated file /usr/bin/player-%{py-ver} (of link group pilconvert) doesn't exist
update-alternatives: warning: skip creation of /usr/bin/thresholder because associated file /usr/bin/thresholder-%{py-ver} (of link group pilconvert) doesn't exist
update-alternatives: warning: skip creation of /usr/bin/viewer because associated file /usr/bin/viewer-%{py-ver} (of link group pilconvert) doesn't exist
Please forward this fix to factory.
OBS-URL: https://build.opensuse.org/request/show/344484
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=41
- enable build time testing, but not for i586 as it's broken there due to some
rounding error (see https://github.com/python-pillow/Pillow/issues/819)
- Update to 2.5.1:
* 2.5.1 (2014-07-10)
Fixed install issue if Multiprocessing.Pool is not available [wiredfool]
32bit mult overflow fix#782 [wiredfool]
* 2.5.0 (2014-07-01)
Imagedraw rewrite [terseus, wiredfool]
Add support for multithreaded test execution [wiredfool]
Prevent shell injection #748 [mbrown1413, wiredfool]
Support for Resolution in BMP files #734 [gcq]
Fix error in setup.py for Python 3 [matthew-brett]
Pyroma fix and add Python 3.4 to setup metadata #742 [wirefool]
Top level flake8 fixes#741 [aclark]
Remove obsolete Animated Raster Graphics (ARG) support [hugovk]
Fix test_imagedraw failures #727 [cgohlke]
Fix AttributeError: class Image has no attribute 'DEBUG' #726 [cgohlke]
Fix msvc warning: 'inline' : macro redefinition #725 [cgohlke]
Cleanup #654 [dvska, hugovk, wiredfool]
16-bit monochrome support for JPEG2000 [videan42]
Fixed ImagePalette.save [brightpisces]
Support JPEG qtables [csinchok]
Add binary morphology addon [dov, wiredfool]
Decompression bomb protection [hugovk]
Put images in a single directory [hugovk]
Support OpenJpeg 2.1 [al45tair]
Remove unistd.h #include for all platforms [wiredfool]
Use unittest for tests [hugovk]
ImageCms fixes [hugovk]
OBS-URL: https://build.opensuse.org/request/show/244315
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=19
New attempt to submit this, now providing python-imaging
@Sascha: sure, it might been wrong to provide python-imaging in the
first place, but python-Pillow without it doesn't make muchg sense,
or do you really want to adjust all dependant packages? Here, that
where scribus and python-repostlab, which both seem to work fine
with Pillow, apart from the imaging dependency.
BTW: this is the way, Redhat handles this issue, too.
Incorporated the new release, and added openjpeg2 dependency.
- New upstream release 2.4.0. For details see
https://pypi.python.org/pypi/Pillow/2.4.0
- New dependency: openjpeg2 for JPEG 2000 support
- provide python-imaging in order to act as a drop in replacement
for it.
- symlink alternatives files, as requested from Coolo, in order to
get rid of suse version conditional
OBS-URL: https://build.opensuse.org/request/show/233204
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Pillow?expand=0&rev=13
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
