chore(dependencies): update dependency pillow to v10 [security]

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
pillow (changelog)	^7.2.0 -> ^10.0.0

GitHub Vulnerability Alerts

CVE-2020-35654

In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode.

CVE-2021-27922

Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICNS container, and thus an attempted memory allocation can be very large.

CVE-2021-27921

Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for a BLP container, and thus an attempted memory allocation can be very large.

CVE-2021-27923

Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICO container, and thus an attempted memory allocation can be very large.

CVE-2021-25292

An issue was discovered in Pillow before 8.1.1. The PDF parser allows a regular expression DoS (ReDoS) attack via a crafted PDF file because of a catastrophic backtracking regex.

CVE-2021-25293

An issue was discovered in Pillow before 8.1.1. There is an out-of-bounds read in SGIRleDecode.c.

GHSA-jgpv-4h4c-xhw3

Impact

Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for a BLP container, and thus an attempted memory allocation can be very large.

Patches

An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image.

Workarounds

An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image.

References

https://nvd.nist.gov/vuln/detail/CVE-2021-27921

For more information

If you have any questions or comments about this advisory:

• Open an issue in example link to repo
• Email us at example email address

CVE-2021-28677

An issue was discovered in Pillow before 8.2.0. For EPS data, the readline implementation used in EPSImageFile has to deal with any combination of \r and \n as line endings. It used an accidentally quadratic method of accumulating lines while looking for a line ending. A malicious EPS file could use this to perform a DoS of Pillow in the open phase, before an image was accepted for opening.

CVE-2021-25288

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_gray_i. This dates to Pillow 2.4.0.

CVE-2021-28678

An issue was discovered in Pillow before 8.2.0. For BLP data, BlpImagePlugin did not properly check that reads (after jumping to file offsets) returned data. This could lead to a DoS where the decoder could be run a large number of times on empty data.

CVE-2021-28675

An issue was discovered in Pillow before 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers relative to the size of the data block. This could lead to a DoS on Image.open prior to Image.load.

CVE-2021-25287

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_graya_la.

CVE-2021-28676

An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly check that the block advance was non-zero, potentially leading to an infinite loop on load.

CVE-2021-34552

Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.

CVE-2022-22815

Pillow is the friendly PIL (Python Imaging Library) fork. path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.

CVE-2022-22816

path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.

CVE-2022-24303

Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled.

GHSA-4fx9-vc88-q2xc

JpegImagePlugin may append an EOF marker to the end of a truncated file, so that the last segment of the data will still be processed by the decoder.

If the EOF marker is not detected as such however, this could lead to an infinite loop where JpegImagePlugin keeps trying to end the file.

CVE-2022-22817

PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method ImageMath.eval("exec(exit())").

While Pillow 9.0.0 restricted top-level builtins available to PIL.ImageMath.eval(), it did not prevent builtins available to lambda expressions. These are now also restricted in 9.0.1.

CVE-2022-45198

Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification).

CVE-2021-25291

An issue was discovered in Pillow before 8.2.0. In TiffDecode.c, there is an out-of-bounds read in TiffreadRGBATile via invalid tile boundaries.

CVE-2021-23437

The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function.

CVE-2023-4863

Heap buffer overflow in libwebp allow a remote attacker to perform an out of bounds memory write via a crafted HTML page.

GHSA-56pw-mpj4-fxww

Pillow versions before v10.0.1 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-5129 (previously CVE-2023-4863). Pillow v10.0.1 upgrades the bundled libwebp binary to v1.3.2.

CVE-2023-44271

An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates on a long text argument.

CVE-2023-50447

Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter).

CVE-2024-28219

In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.

CVE-2020-35655

In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled.

CVE-2020-35653

In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer calculations.

CVE-2021-25289

An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654.

CVE-2021-25290

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size.

---

Release Notes

python-pillow/Pillow (pillow)

v10.3.0

Compare Source

• CVE-2024-28219: Use strncpy to avoid buffer overflow #​7928
  [radarhere, hugovk]

• Deprecate eval(), replacing it with lambda_eval() and unsafe_eval() #​7927
  [radarhere, hugovk]

• Raise ValueError if seeking to greater than offset-sized integer in TIFF #​7883
  [radarhere]

• Add --report argument to __main__.py to omit supported formats #​7818
  [nulano, radarhere, hugovk]

• Added RGB to I;16, I;16L, I;16B and I;16N conversion #​7918, #​7920
  [radarhere]

• Fix editable installation with custom build backend and configuration options #​7658
  [nulano, radarhere]

• Fix putdata() for I;16N on big-endian #​7209
  [Yay295, hugovk, radarhere]

• Determine MPO size from markers, not EXIF data #​7884
  [radarhere]

• Improved conversion from RGB to RGBa, LA and La #​7888
  [radarhere]

• Support FITS images with GZIP_1 compression #​7894
  [radarhere]

• Use I;16 mode for 9-bit JPEG 2000 images #​7900
  [scaramallion, radarhere]

• Raise ValueError if kmeans is negative #​7891
  [radarhere]

• Remove TIFF tag OSUBFILETYPE when saving using libtiff #​7893
  [radarhere]

• Raise ValueError for negative values when loading P1-P3 PPM images #​7882
  [radarhere]

• Added reading of JPEG2000 palettes #​7870
  [radarhere]

• Added alpha_quality argument when saving WebP images #​7872
  [radarhere]

• Fixed joined corners for ImageDraw rounded_rectangle() non-integer dimensions #​7881
  [radarhere]

• Stop reading EPS image at EOF marker #​7753
  [radarhere]

• PSD layer co-ordinates may be negative #​7706
  [radarhere]

• Use subprocess with CREATE_NO_WINDOW flag in ImageShow WindowsViewer #​7791
  [radarhere]

• When saving GIF frame that restores to background color, do not fill identical pixels #​7788
  [radarhere]

• Fixed reading PNG iCCP compression method #​7823
  [radarhere]

• Allow writing IFDRational to UNDEFINED tag #​7840
  [radarhere]

• Fix logged tag name when loading Exif data #​7842
  [radarhere]

• Use maximum frame size in IHDR chunk when saving APNG images #​7821
  [radarhere]

• Prevent opening P TGA images without a palette #​7797
  [radarhere]

• Use palette when loading ICO images #​7798
  [radarhere]

• Use consistent arguments for load_read and load_seek #​7713
  [radarhere]

• Turn off nullability warnings for macOS SDK #​7827
  [radarhere]

• Fix shift-sign issue in Convert.c #​7838
  [r-barnes, radarhere]

• Open 16-bit grayscale PNGs as I;16 #​7849
  [radarhere]

• Handle truncated chunks at the end of PNG images #​7709
  [lajiyuan, radarhere]

• Match mask size to pasted image size in GifImagePlugin #​7779
  [radarhere]

• Release GIL while calling WebPAnimDecoderGetNext #​7782
  [evanmiller, radarhere]

• Fixed reading FLI/FLC images with a prefix chunk #​7804
  [twolife]

• Update wl-paste handling and return None for some errors in grabclipboard() on Linux #​7745
  [nik012003, radarhere]

• Remove execute bit from setup.py #​7760
  [hugovk]

• Do not support using test-image-results to upload images after test failures #​7739
  [radarhere]

• Changed ImageMath.ops to be static #​7721
  [radarhere]

• Fix APNG info after seeking backwards more than twice #​7701
  [esoma, radarhere]

• Deprecate ImageCms constants and versions() function #​7702
  [nulano, radarhere]

• Added PerspectiveTransform #​7699
  [radarhere]

• Add support for reading and writing grayscale PFM images #​7696
  [nulano, hugovk]

• Add LCMS2 flags to ImageCms #​7676
  [nulano, radarhere, hugovk]

• Rename x64 to AMD64 in winbuild #​7693
  [nulano]

v10.2.0

Compare Source

• Add keep_rgb option when saving JPEG to prevent conversion of RGB colorspace #​7553
  [bgilbert, radarhere]

• Trim glyph size in ImageFont.getmask() #​7669, #​7672
  [radarhere, nulano]

• Deprecate IptcImagePlugin helpers #​7664
  [nulano, hugovk, radarhere]

• Allow uncompressed TIFF images to be saved in chunks #​7650
  [radarhere]

• Concatenate multiple JPEG EXIF markers #​7496
  [radarhere]

• Changed IPTC tile tuple to match other plugins #​7661
  [radarhere]

• Do not assign new fp attribute when exiting context manager #​7566
  [radarhere]

• Support arbitrary masks for uncompressed RGB DDS images #​7589
  [radarhere, akx]

• Support setting ROWSPERSTRIP tag #​7654
  [radarhere]

• Apply ImageFont.MAX_STRING_LENGTH to ImageFont.getmask() #​7662
  [radarhere]

• Optimise ImageColor using functools.lru_cache #​7657
  [hugovk]

• Restricted environment keys for ImageMath.eval() #​7655
  [wiredfool, radarhere]

• Optimise ImageMode.getmode using functools.lru_cache #​7641
  [hugovk, radarhere]

• Fix incorrect color blending for overlapping glyphs #​7497
  [ZachNagengast, nulano, radarhere]

• Attempt memory mapping when tile args is a string #​7565
  [radarhere]

• Fill identical pixels with transparency in subsequent frames when saving GIF #​7568
  [radarhere]

• Corrected duration when combining multiple GIF frames into single frame #​7521
  [radarhere]

• Handle disposing GIF background from outside palette #​7515
  [radarhere]

• Seek past the data when skipping a PSD layer #​7483
  [radarhere]

• Import plugins relative to the module #​7576
  [deliangyang, jaxx0n]

• Translate encoder error codes to strings; deprecate ImageFile.raise_oserror() #​7609
  [bgilbert, radarhere]

• Support reading BC4U and DX10 BC1 images #​6486
  [REDxEYE, radarhere, hugovk]

• Optimize ImageStat.Stat.extrema #​7593
  [florath, radarhere]

• Handle pathlib.Path in FreeTypeFont #​7578
  [radarhere, hugovk, nulano]

• Added support for reading DX10 BC4 DDS images #​7603
  [sambvfx, radarhere]

• Optimized ImageStat.Stat.count #​7599
  [florath]

• Correct PDF palette size when saving #​7555
  [radarhere]

• Fixed closing file pointer with olefile 0.47 #​7594
  [radarhere]

• Raise ValueError when TrueType font size is not greater than zero #​7584, #​7587
  [akx, radarhere]

• If absent, do not try to close fp when closing image #​7557
  [RaphaelVRossi, radarhere]

• Allow configuring JPEG restart marker interval on save #​7488
  [bgilbert, radarhere]

• Decrement reference count for PyObject #​7549
  [radarhere]

• Implement streamtype=1 option for tables-only JPEG encoding #​7491
  [bgilbert, radarhere]

• If save_all PNG only has one frame, do not create animated image #​7522
  [radarhere]

• Fixed frombytes() for images with a zero dimension #​7493
  [radarhere]

v10.1.0

Compare Source

• Added TrueType default font to allow for different sizes #​7354
  [radarhere]

• Fixed invalid argument warning #​7442
  [radarhere]

• Added ImageOps cover method #​7412
  [radarhere, hugovk]

• Catch struct.error from truncated EXIF when reading JPEG DPI #​7458
  [radarhere]

• Consider default image when selecting mode for PNG save_all #​7437
  [radarhere]

• Support BGR;15, BGR;16 and BGR;24 access, unpacking and putdata #​7303
  [radarhere]

• Added CMYK to RGB unpacker #​7310
  [radarhere]

• Improved flexibility of XMP parsing #​7274
  [radarhere]

• Support reading 8-bit YCbCr TIFF images #​7415
  [radarhere]

• Allow saving I;16B images as PNG #​7302
  [radarhere]

• Corrected drawing I;16 points and writing I;16 text #​7257
  [radarhere]

• Set blue channel to 128 for BC5S #​7413
  [radarhere]

• Increase flexibility when reading IPTC fields #​7319
  [radarhere]

• Set C palette to be empty by default #​7289
  [radarhere]

• Added gs_binary to control Ghostscript use on all platforms #​7392
  [radarhere]

• Read bounding box information from the trailer of EPS files if specified #​7382
  [nopperl, radarhere]

• Added reading 8-bit color DDS images #​7426
  [radarhere]

• Added has_transparency_data #​7420
  [radarhere, hugovk]

• Fixed bug when reading BC5S DDS images #​7401
  [radarhere]

• Prevent TIFF orientation from being applied more than once #​7383
  [radarhere]

• Use previous pixel alpha for QOI_OP_RGB #​7357
  [radarhere]

• Added BC5U reading #​7358
  [radarhere]

• Allow getpixel() to accept a list #​7355
  [radarhere, homm]

• Allow GaussianBlur and BoxBlur to accept a sequence of x and y radii #​7336
  [radarhere]

• Expand JPEG buffer size when saving optimized or progressive #​7345
  [radarhere]

• Added session type check for Linux in ImageGrab.grabclipboard() #​7332
  [TheNooB2706, radarhere, hugovk]

• Allow "loop=None" when saving GIF images #​7329
  [radarhere]

• Fixed transparency when saving P mode images to PDF #​7323
  [radarhere]

• Added saving LA images as PDFs #​7299
  [radarhere]

• Set SMaskInData to 1 for PDFs with alpha #​7316, #​7317
  [radarhere]

• Changed Image mode property to be read-only by default #​7307
  [radarhere]

• Silence exceptions in repr_jpeg and repr_png #​7266
  [mtreinish, radarhere]

• Do not use transparency when saving GIF if it has been removed when normalizing mode #​7284
  [radarhere]

• Fix missing symbols when libtiff depends on libjpeg #​7270
  [heitbaum]

v10.0.1

Compare Source

• Updated libwebp to 1.3.2 #​7395
  [radarhere]

• Updated zlib to 1.3 #​7344
  [radarhere]

v10.0.0

Compare Source

• Fixed deallocating mask images #​7246
  [radarhere]

• Added ImageFont.MAX_STRING_LENGTH #​7244
  [radarhere, hugovk]

• Fix Windows build with pyproject.toml #​7230
  [hugovk, nulano, radarhere]

• Do not close provided file handles with libtiff #​7199
  [radarhere]

• Convert to HSV if mode is HSV in getcolor() #​7226
  [radarhere]

• Added alpha_only argument to getbbox() #​7123
  [radarhere. hugovk]

• Prioritise speed in repr_png #​7242
  [radarhere]

• Do not use CFFI access by default on PyPy #​7236
  [radarhere]

• Limit size even if one dimension is zero in decompression bomb check #​7235
  [radarhere]

• Use --config-settings instead of deprecated --global-option #​7171
  [radarhere]

• Better C integer definitions #​6645
  [Yay295, hugovk]

• Fixed finding dependencies on Cygwin #​7175
  [radarhere]

• Changed grabclipboard() to use PNG instead of JPG compression on macOS #​7219
  [abey79, radarhere]

• Added in_place argument to ImageOps.exif_transpose() #​7092
  [radarhere]

• Fixed calling putpalette() on L and LA images before load() #​7187
  [radarhere]

• Fixed saving TIFF multiframe images with LONG8 tag types #​7078
  [radarhere]

• Fixed combining single duration across duplicate APNG frames #​7146
  [radarhere]

• Remove temporary file when error is raised #​7148
  [radarhere]

• Do not use temporary file when grabbing clipboard on Linux #​7200
  [radarhere]

• If the clipboard fails to open on Windows, wait and try again #​7141
  [radarhere]

• Fixed saving multiple 1 mode frames to GIF #​7181
  [radarhere]

• Replaced absolute PIL import with relative import #​7173
  [radarhere]

• Replaced deprecated Py_FileSystemDefaultEncoding for Python >= 3.12 #​7192
  [radarhere]

• Improved wl-paste mimetype handling in ImageGrab #​7094
  [rrcgat, radarhere]

• Added repr_jpeg() for IPython display_jpeg #​7135
  [n3011, radarhere, nulano]

• Use "/sbin/ldconfig" if ldconfig is not found #​7068
  [radarhere]

• Prefer screenshots using XCB over gnome-screenshot #​7143
  [nulano, radarhere]

• Fixed joined corners for ImageDraw rounded_rectangle() odd dimensions #​7151
  [radarhere]

• Support reading signed 8-bit TIFF images #​7111
  [radarhere]

• Added width argument to ImageDraw regular_polygon #​7132
  [radarhere]

• Support I mode for ImageFilter.BuiltinFilter #​7108
  [radarhere]

• Raise error from stderr of Linux ImageGrab.grabclipboard() command #​7112
  [radarhere]

• Added unpacker from I;16B to I;16 #​7125
  [radarhere]

• Support float font sizes #​7107
  [radarhere]

• Use later value for duplicate xref entries in PdfParser #​7102
  [radarhere]

• Load before getting size in getstate #​7105
  [bigcat88, radarhere]

• Fixed type handling for include and lib directories #​7069
  [adisbladis, radarhere]

• Remove deprecations for Pillow 10.0.0 #​7059, #​7080
  [hugovk, radarhere]

• Drop support for soon-EOL Python 3.7 #​7058
  [hugovk, radarhere]

v9.5.0

Compare Source

• Added ImageSourceData to TAGS_V2 #​7053
  [radarhere]

• Clear PPM half token after use #​7052
  [radarhere]

• Removed absolute path to ldconfig #​7044
  [radarhere]

• Support custom comments and PLT markers when saving JPEG2000 images #​6903
  [joshware, radarhere, hugovk]

• Load before getting size in array_interface #​7034
  [radarhere]

• Support creating BGR;15, BGR;16 and BGR;24 images, but drop support for BGR;32 #​7010
  [radarhere]

• Consider transparency when applying APNG blend mask #​7018
  [radarhere]

• Round duration when saving animated WebP images #​6996
  [radarhere]

• Added reading of JPEG2000 comments #​6909
  [radarhere]

• Decrement reference count #​7003
  [radarhere, nulano]

• Allow libtiff_support_custom_tags to be missing #​7020
  [radarhere]

• Improved I;16N support #​6834
  [radarhere]

• Added QOI reading #​6852
  [radarhere, hugovk]

• Added saving RGBA images as PDFs #​6925
  [radarhere]

• Do not raise an error if os.environ does not contain PATH #​6935
  [radarhere, hugovk]

• Close OleFileIO instance when closing or exiting FPX or MIC #​7005
  [radarhere]

• Added int to IFDRational for Python >= 3.11 #​6998
  [radarhere]

• Added memoryview support to Dib.frombytes() #​6988
  [radarhere, nulano]

• Close file pointer copy in the libtiff encoder if still open #​6986
  [fcarron, radarhere]

• Raise an error if ImageDraw co-ordinates are incorrectly ordered #​6978
  [radarhere]

• Added "corners" argument to ImageDraw rounded_rectangle() #​6954
  [radarhere]

• Added memoryview support to frombytes() #​6974
  [radarhere]

• Allow comments in FITS images #​6973
  [radarhere]

• Support saving PDF with different X and Y resolutions #​6961
  [jvanderneutstulen, radarhere, hugovk]

• Fixed writing int as UNDEFINED tag #​6950
  [radarhere]

• Raise an error if EXIF data is too long when saving JPEG #​6939
  [radarhere]

• Handle more than one directory returned by pkg-config #​6896
  [sebastic, radarhere]

• Do not retry past formats when loading all formats for the first time #​6902
  [radarhere]

• Do not retry specified formats if they failed when opening #​6893
  [radarhere]

• Do not unintentionally load TIFF format at first #​6892
  [radarhere]

• Stop reading when EPS line becomes too long #​6897
  [radarhere]

• Allow writing IFDRational to BYTE tag #​6890
  [radarhere]

• Raise ValueError for BoxBlur filter with negative radius #​6874
  [hugovk, radarhere]

• Support arbitrary number of loaded modules on Windows #​6761
  [javidcf, radarhere, nulano]

v9.4.0

Compare Source

• Fixed null pointer dereference crash with malformed font #​6846
  [wiredfool, radarhere]

• Return from ImagingFill early if image has a zero dimension #​6842
  [radarhere]

• Reversed deprecations for Image constants, except for duplicate Resampling attributes #​6830
  [radarhere]

• Improve exception traceback readability #​6836
  [hugovk, radarhere]

• Do not attempt to read IFD1 if absent #​6840
  [radarhere]

• Fixed writing int as ASCII tag #​6800
  [radarhere]

• If available, use wl-paste or xclip for grabclipboard() on Linux #​6783
  [radarhere]

• Added signed option when saving JPEG2000 images #​6709
  [radarhere]

• Patch OpenJPEG to include ARM64 fix #​6718
  [radarhere]

• Added support for I;16 modes in putdata() #​6825
  [radarhere]

• Added conversion from RGBa to RGB #​6708
  [radarhere]

• Added DDS support for uncompressed L and LA images #​6820
  [radarhere, REDxEYE]

• Added LightSource tag values to ExifTags #​6749
  [radarhere]

• Fixed PyAccess after changing ICO size #​6821
  [radarhere]

• Do not use EXIF from info when saving PNG images #​6819
  [radarhere]

• Fixed saving EXIF data to MPO #​6817
  [radarhere]

• Added Exif hide_offsets() #​6762
  [radarhere]

• Only compare to previous frame when checking for duplicate GIF frames while saving #​6787
  [radarhere]

• Always initialize all plugins in registered_extensions() #​6811
  [radarhere]

• Ignore non-opaque WebP background when saving as GIF #​6792
  [radarhere]

• Only set tile in ImageFile setstate #​6793
  [radarhere]

• When reading BLP, do not trust JPEG decoder to determine image is CMYK #​6767
  [radarhere]

• Added IFD enum to ExifTags #​6748
  [radarhere]

• Fixed bug combining GIF frame durations #​6779
  [radarhere]

• Support saving JPEG comments #​6774
  [smason, radarhere]

• Added getxmp() to WebPImagePlugin #​6758
  [radarhere]

• Added "exact" option when saving WebP #​6747
  [ashafaei, radarhere]

• Use fractional coordinates when drawing text #​6722
  [radarhere]

• Fixed writing int as BYTE tag #​6740
  [radarhere]

• Added MP Format Version when saving MPO #​6735
  [radarhere]

• Added Interop to ExifTags #​6724
  [radarhere]

• CVE-2007-4559 patch when building on Windows #​6704
  [TrellixVulnTeam, nulano, radarhere]

• Fix compiler warning: accessing 64 bytes in a region of size 48 #​6714
  [wiredfool]

• Use verbose flag for pip install #​6713
  [wiredfool, radarhere]

v9.3.0

Compare Source

• Limit SAMPLESPERPIXEL to avoid runtime DOS #​6700
  [wiredfool]

• Initialize libtiff buffer when saving #​6699
  [radarhere]

• Inline fname2char to fix memory leak #​6329
  [nulano]

• Fix memory leaks related to text features #​6330
  [nulano]

• Use double quotes for version check on old CPython on Windows #​6695
  [hugovk]

• Remove backup implementation of Round for Windows platforms #​6693
  [cgohlke]

• Fixed set_variation_by_name offset #​6445
  [radarhere]

• Fix malloc in _imagingft.c:font_setvaraxes #​6690
  [cgohlke]

• Release Python GIL when converting images using matrix operations #​6418
  [hmaarrfk]

• Added ExifTags enums #​6630
  [radarhere]

• Do not modify previous frame when calculating delta in PNG #​6683
  [radarhere]

• Added support for reading BMP images with RLE4 compression #​6674
  [npjg, radarhere]

• Decode JPEG compressed BLP1 data in original mode #​6678
  [radarhere]

• Added GPS TIFF tag info #​6661
  [radarhere]

• Added conversion between RGB/RGBA/RGBX and LAB #​6647
  [radarhere]

• Do not attempt normalization if mode is already normal #​6644
  [radarhere]

• Fixed seeking to an L frame in a GIF #​6576
  [radarhere]

• Consider all frames when selecting mode for PNG save_all #​6610
  [radarhere]

• Don't reassign crc on ChunkStream close #​6627
  [wiredfool, radarhere]

• Raise a warning if NumPy failed to raise an error during conversion #​6594
  [radarhere]

• Show all frames in ImageShow #​6611
  [radarhere]

• Allow FLI palette chunk to not be first #​6626
  [radarhere]

• If first GIF frame has transparency for RGB_ALWAYS loading strategy, use RGBA mode #​6592
  [radarhere]

• Round box position to integer when pasting embedded color #​6517
  [radarhere, nulano]

• Removed EXIF prefix when saving WebP #​6582
  [radarhere]

• Pad IM palette to 768 bytes when saving #​6579
  [radarhere]

• Added DDS BC6H reading #​6449
  [ShadelessFox, REDxEYE, radarhere]

• Added support for opening WhiteIsZero 16-bit integer TIFF images #​6642
  [JayWiz, radarhere]

• Raise an error when allocating translucent color to RGB palette #​6654
  [jsbueno, radarhere]

• Added reading of TIFF child images #​6569
  [radarhere]

• Improved ImageOps palette handling #​6596
  [PososikTeam, radarhere]

• Defer parsing of palette into colors #​6567
  [radarhere]

• Apply transparency to P images in ImageTk.PhotoImage #​6559
  [radarhere]

• Use rounding in ImageOps contain() and pad() #​6522
  [bibinhashley, radarhere]

• Fixed GIF remapping to palette with duplicate entries #​6548
  [radarhere]

• Allow remap_palette() to return an image with less than 256 palette entries #​6543
  [radarhere]

• Corrected BMP and TGA palette size when saving #​6500
  [radarhere]

• Do not call load() before draft() in Image.thumbnail #​6539
  [radarhere]

• Copy palette when converting from P to PA #​6497
  [radarhere]

• Allow RGB and RGBA values for PA image putpixel #​6504
  [radarhere]

• Removed support for tkinter in PyPy before Python 3.6 #​6551
  [nulano]

• Do not use CCITTFaxDecode filter if libtiff is not available #​6518
  [radarhere]

• Fallback to not using mmap if buffer is not large enough #​6510
  [radarhere]

• Fixed writing bytes as ASCII tag #​6493
  [radarhere]

• Open 1 bit EPS in mode 1 #​6499
  [radarhere]

• Removed support for tkinter before Python 1.5.2 #​6549
  [radarhere]

• Allow default ImageDraw font to be set #​6484
  [radarhere, hugovk]

• Save 1 mode PDF using CCITTFaxDecode filter #​6470
  [radarhere]

• Added support for RGBA PSD images #​6481
  [radarhere]

• Parse orientation from XMP tag contents #​6463
  [bigcat88, radarhere]

• Added support for reading ATI1/ATI2 (BC4/BC5) DDS images #​6457
  [REDxEYE, radarhere]

• Do not clear GIF tile when checking number of frames #​6455
  [radarhere]

• Support saving multiple MPO frames #​6444
  [radarhere]

• Do not double quote Pillow version for setuptools >= 60 #​6450
  [radarhere]

• Added ABGR BMP mask mode #​6436
  [radarhere]

• Fixed PSDraw rectangle #​6429
  [radarhere]

• Raise ValueError if PNG sRGB chunk is truncated #​6431
  [radarhere]

• Handle missing Python executable in ImageShow on macOS #​6416
  [bryant1410, radarhere]

v9.2.0

Compare Source

• Deprecate ImageFont.getsize and related functions #​6381
  [nulano, radarhere]

• Fixed null check for fribidi_version_info in FriBiDi shim #​6376
  [nulano]

• Added GIF decompression bomb check #​6402
  [radarhere]

• Handle PCF fonts files with less than 256 characters #​6386
  [dawidcrivelli, radarhere]

• Improved GIF optimize condition #​6378
  [raygard, radarhere]

• Reverted to array_interface with the release of NumPy 1.23 #​6394
  [radarhere]

• Pad PCX palette to 768 bytes when saving #​6391
  [radarhere]

• Fixed bug with rounding pixels to palette colors #​6377
  [btrekkie, radarhere]

• Use gnome-screenshot on Linux if available #​6361
  [radarhere, nulano]

• Fixed loading L mode BMP RLE8 images #​6384
  [radarhere]

• Fixed incorrect operator in ImageCms error #​6370
  [LostBenjamin, hugovk, radarhere]

• Limit FPX tile size to avoid extending outside image #​6368
  [radarhere]

• Added support for decoding plain PPM formats #​5242
  [Piolie, radarhere]

• Added apply_transparency() #​6352
  [radarhere]

• Fixed behaviour change from endian fix #​6197
  [radarhere]

• Allow remapping P images with RGBA palettes #​6350
  [radarhere]

• Fixed drawing translucent 1px high polygons #​6278
  [radarhere]

• Pad COLORMAP to 768 items when saving TIFF #​6232
  [radarhere]

• Fix P -> PA conversion #​6337
  [RedShy, radarhere]

• Once exif data is parsed, do not reload unless it changes #​6335
  [radarhere]

• Only try to connect discontiguous corners at the end of edges #​6303
  [radarhere]

• Improve transparency handling when saving GIF images #​6176
  [radarhere]

• Do not update GIF frame position until local image is found #​6219
  [radarhere]

• Netscape GIF extension belongs after the global color table #​6211
  [radarhere]

• Only write GIF comments at the beginning of the file #​6300
  [raygard, radarhere]

• Separate multiple GIF comment blocks with newlines #​6294
  [raygard, radarhere]

• Always use GIF89a for comments #​6292
  [raygard, radarhere]

• Ignore compression value from BMP info dictionary when saving as TIFF #​6231
  [radarhere]

• If font is file-like object, do not re-read from object to get variant #​6234
  [radarhere]

• Raise ValueError when trying to access internal fp after close #​6213
  [radarhere]

• Support more affine expression forms in im.point() #​6254
  [benrg, radarhere]

• Populate Python palette in fromarray() #​6283
  [radarhere]

• Raise ValueError if PNG chunks are truncated [#​6253](https://redirect.gi

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: poetry.lock

Updating dependencies
Resolving dependencies...

Creating virtualenv pixelmatch--C27oMZR-py3.12 in /home/ubuntu/.cache/pypoetry/virtualenvs

The current project's Python requirement (>=3.7,<4.0) is not compatible with some of the required packages Python requirement:
  - pillow requires Python >=3.8, so it will not be satisfied for Python >=3.7,<3.8
  - pillow requires Python >=3.8, so it will not be satisfied for Python >=3.7,<3.8
  - pillow requires Python >=3.8, so it will not be satisfied for Python >=3.7,<3.8
  - pillow requires Python >=3.8, so it will not be satisfied for Python >=3.7,<3.8
  - pillow requires Python >=3.8, so it will not be satisfied for Python >=3.7,<3.8
  - pillow requires Python >=3.8, so it will not be satisfied for Python >=3.7,<3.8

Because no versions of pillow match >10.0.0,<10.0.1 || >10.0.1,<10.1.0 || >10.1.0,<10.2.0 || >10.2.0,<10.3.0 || >10.3.0,<10.4.0 || >10.4.0,<11.0.0
 and pillow (10.0.0) requires Python >=3.8, pillow is forbidden.
And because pillow (10.0.1) requires Python >=3.8
 and pillow (10.1.0) requires Python >=3.8, pillow is forbidden.
And because pillow (10.2.0) requires Python >=3.8
 and pillow (10.3.0) requires Python >=3.8, pillow is forbidden.
So, because pillow (10.4.0) requires Python >=3.8
 and pixelmatch depends on pillow (^10.0.0), version solving failed.

  • Check your dependencies Python requirement: The Python requirement can be specified via the `python` or `markers` properties
    
    For pillow, a possible solution would be to set the `python` property to ">=3.8,<4.0"
    For pillow, a possible solution would be to set the `python` property to ">=3.8,<4.0"
    For pillow, a possible solution would be to set the `python` property to ">=3.8,<4.0"
    For pillow, a possible solution would be to set the `python` property to ">=3.8,<4.0"
    For pillow, a possible solution would be to set the `python` property to ">=3.8,<4.0"
    For pillow, a possible solution would be to set the `python` property to ">=3.8,<4.0"

    https://python-poetry.org/docs/dependency-specification/#python-restricted-dependencies,
    https://python-poetry.org/docs/dependency-specification/#using-environment-markers