Update dependency Pillow to v9 [SECURITY] #13

Open · wants to merge 1 commit into master from renovate/pypi-Pillow-vulnerability

Conversation

@renovate renovate bot commented Apr 26, 2021

Mend Renovate

This PR contains the following updates:

Package | Change
Pillow (source, changelog) | ==5.2.0 -> ==9.0.1

GitHub Vulnerability Alerts

CVE-2020-5313

libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.

CVE-2019-19911

There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the number of bands is large. On Windows running 32-bit Python, this results in an OverflowError or MemoryError due to the 2 GB limit. However, on Linux running 64-bit Python this results in the process being terminated by the OOM killer.

CVE-2020-10177

Pillow before 6.2.3 and 7.x before 7.0.1 has multiple out-of-bounds reads in libImaging/FliDecode.c.

CVE-2020-10994

In libImaging/Jpeg2KDecode.c in Pillow before 7.0.0, there are multiple out-of-bounds reads via a crafted JP2 file.

CVE-2020-10379

In Pillow before 6.2.3 and 7.x before 7.0.1, there are two Buffer Overflows in libImaging/TiffDecode.c.

CVE-2020-11538

In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311.

CVE-2021-27921

Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for a BLP container, and thus an attempted memory allocation can be very large.

CVE-2020-35655

In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled.

CVE-2021-27922

Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICNS container, and thus an attempted memory allocation can be very large.

CVE-2020-35654

In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode.

CVE-2020-35653

In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer calculations.

CVE-2021-27923

Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICO container, and thus an attempted memory allocation can be very large.

CVE-2021-25292

An issue was discovered in Pillow before 8.1.1. The PDF parser allows a regular expression DoS (ReDoS) attack via a crafted PDF file because of a catastrophic backtracking regex.

CVE-2021-25293

An issue was discovered in Pillow before 8.1.1. There is an out-of-bounds read in SGIRleDecode.c.

CVE-2021-25290

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size.

CVE-2021-28678

An issue was discovered in Pillow before 8.2.0. For BLP data, BlpImagePlugin did not properly check that reads (after jumping to file offsets) returned data. This could lead to a DoS where the decoder could be run a large number of times on empty data.

CVE-2021-25287

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_graya_la.

CVE-2021-25288

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_gray_i. This dates to Pillow 2.4.0.

CVE-2021-28675

An issue was discovered in Pillow before 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers relative to the size of the data block. This could lead to a DoS on Image.open prior to Image.load.

CVE-2021-28676

An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly check that the block advance was non-zero, potentially leading to an infinite loop on load.

CVE-2021-28677

An issue was discovered in Pillow before 8.2.0. For EPS data, the readline implementation used in EPSImageFile has to deal with any combination of \r and \n as line endings. It used an accidentally quadratic method of accumulating lines while looking for a line ending. A malicious EPS file could use this to perform a DoS of Pillow in the open phase, before an image was accepted for opening.

CVE-2020-5310

libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc.

CVE-2020-10378

In libImaging/PcxDecode.c in Pillow before 6.2.3 and 7.x before 7.0.1, an out-of-bounds read can occur when reading PCX files where state->shuffle is instructed to read beyond state->buffer.

CVE-2020-5312

libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.

CVE-2022-22816

path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.

CVE-2022-22815

Pillow is the friendly PIL (Python Imaging Library) fork. path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.

CVE-2022-24303

If the path to the temporary directory on Linux or macOS contained a space, this would break removal of the temporary image file after im.show() (and related actions), and potentially remove an unrelated file. This has been present since PIL.

GHSA-4fx9-vc88-q2xc

JpegImagePlugin may append an EOF marker to the end of a truncated file, so that the last segment of the data will still be processed by the decoder.

If the EOF marker is not detected as such however, this could lead to an infinite loop where JpegImagePlugin keeps trying to end the file.

CVE-2021-25291

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is an out-of-bounds read in TiffreadRGBATile via invalid tile boundaries.


Release Notes

python-pillow/Pillow

v9.0.1

v9.0.0

  • Restrict builtins for ImageMath.eval(). CVE-2022-22817 #​5923
    [radarhere]

  • Ensure JpegImagePlugin stops at the end of a truncated file #​5921
    [radarhere]

  • Fixed ImagePath.Path array handling. CVE-2022-22815, CVE-2022-22816 #​5920
    [radarhere]

  • Remove consecutive duplicate tiles that only differ by their offset #​5919
    [radarhere]

  • Improved I;16 operations on big endian #​5901
    [radarhere]

  • Limit quantized palette to number of colors #​5879
    [radarhere]

  • Fixed palette index for zeroed color in FASTOCTREE quantize #​5869
    [radarhere]

  • When saving RGBA to GIF, make use of first transparent palette entry #​5859
    [radarhere]

  • Pass SAMPLEFORMAT to libtiff #​5848
    [radarhere]

  • Added rounding when converting P and PA #​5824
    [radarhere]

  • Improved putdata() documentation and data handling #​5910
    [radarhere]

  • Exclude carriage return in PDF regex to help prevent ReDoS #​5912
    [hugovk]

  • Fixed freeing pointer in ImageDraw.Outline.transform #​5909
    [radarhere]

  • Added ImageShow support for xdg-open #​5897
    [m-shinder, radarhere]

  • Support 16-bit grayscale ImageQt conversion #​5856
    [cmbruns, radarhere]

  • Convert subsequent GIF frames to RGB or RGBA #​5857
    [radarhere]

  • Do not prematurely return in ImageFile when saving to stdout #​5665
    [infmagic2047, radarhere]

  • Added support for top right and bottom right TGA orientations #​5829
    [radarhere]

  • Corrected ICNS file length in header #​5845
    [radarhere]

  • Block tile TIFF tags when saving #​5839
    [radarhere]

  • Added line width argument to polygon #​5694
    [radarhere]

  • Do not redeclare class each time when converting to NumPy #​5844
    [radarhere]

  • Only prevent repeated polygon pixels when drawing with transparency #​5835
    [radarhere]

  • Add support for pickling TrueType fonts #​5826
    [hugovk, radarhere]

  • Only prefer command line tools SDK on macOS over default MacOSX SDK #​5828
    [radarhere]

  • Drop support for soon-EOL Python 3.6 #​5768
    [hugovk, nulano, radarhere]

  • Fix compilation on 64-bit Termux #​5793
    [landfillbaby]

  • Use title for display in ImageShow #​5788
    [radarhere]

  • Remove support for FreeType 2.7 and older #​5777
    [hugovk, radarhere]

  • Fix for PyQt6 #​5775
    [hugovk, radarhere]

  • Removed deprecated PILLOW_VERSION, Image.show command parameter, Image._showxv and ImageFile.raise_ioerror #​5776
    [radarhere]

v8.4.0

  • Prefer global transparency in GIF when replacing with background color #​5756
    [radarhere]

  • Added "exif" keyword argument to TIFF saving #​5575
    [radarhere]

  • Copy Python palette to new image in quantize() #​5696
    [radarhere]

  • Read ICO AND mask from end #​5667
    [radarhere]

  • Actually check the framesize in FliDecode.c #​5659
    [wiredfool]

  • Determine JPEG2000 mode purely from ihdr header box #​5654
    [radarhere]

  • Fixed using info dictionary when writing multiple APNG frames #​5611
    [radarhere]

  • Allow saving 1 and L mode TIFF with PhotometricInterpretation 0 #​5655
    [radarhere]

  • For GIF save_all with palette, do not include palette with each frame #​5603
    [radarhere]

  • Keep transparency when converting from P to LA or PA #​5606
    [radarhere]

  • Copy palette to new image in transform() #​5647
    [radarhere]

  • Added "transparency" argument to EpsImagePlugin load() #​5620
    [radarhere]

  • Corrected pathlib.Path detection when saving #​5633
    [radarhere]

  • Added WalImageFile class #​5618
    [radarhere]

  • Consider I;16 pixel size when drawing text #​5598
    [radarhere]

  • If default conversion from P is RGB with transparency, convert to RGBA #​5594
    [radarhere]

  • Speed up rotating square images by 90 or 270 degrees #​5646
    [radarhere]

  • Add support for reading DPI information from JPEG2000 images
    [rogermb, radarhere]

  • Catch TypeError from corrupted DPI value in EXIF #​5639
    [homm, radarhere]

  • Do not close file pointer when saving SGI images #​5645
    [farizrahman4u, radarhere]

  • Deprecate ImagePalette size parameter #​5641
    [radarhere, hugovk]

  • Prefer command line tools SDK on macOS #​5624
    [radarhere]

  • Added tags when saving YCbCr TIFF #​5597
    [radarhere]

  • PSD layer count may be negative #​5613
    [radarhere]

  • Fixed ImageOps expand with tuple border on P image #​5615
    [radarhere]

  • Fixed error saving APNG with duplicate frames and different duration times #​5609
    [thak1411, radarhere]

v8.3.2

  • CVE-2021-23437 Raise ValueError if color specifier is too long
    [hugovk, radarhere]

  • Fix 6-byte OOB read in FliDecode
    [wiredfool]

  • Add support for Python 3.10 #​5569, #​5570
    [hugovk, radarhere]

  • Ensure TIFF RowsPerStrip is multiple of 8 for JPEG compression #​5588
    [kmilos, radarhere]

  • Updates for ImagePalette channel order #​5599
    [radarhere]

  • Hide FriBiDi shim symbols to avoid conflict with real FriBiDi library #​5651
    [nulano]

v8.3.1

  • Catch OSError when checking if fp is sys.stdout #​5585
    [radarhere]

  • Handle removing orientation from alternate types of EXIF data #​5584
    [radarhere]

  • Make Image.array take optional dtype argument #​5572
    [t-vi, radarhere]

v8.3.0

  • Use snprintf instead of sprintf. CVE-2021-34552 #​5567
    [radarhere]

  • Limit TIFF strip size when saving with LibTIFF #​5514
    [kmilos]

  • Allow ICNS save on all operating systems #​4526
    [baletu, radarhere, newpanjing, hugovk]

  • De-zigzag JPEG's DQT when loading; deprecate convert_dict_qtables #​4989
    [gofr, radarhere]

  • Replaced xml.etree.ElementTree #​5565
    [radarhere]

  • Moved CVE image to pillow-depends #​5561
    [radarhere]

  • Added tag data for IFD groups #​5554
    [radarhere]

  • Improved ImagePalette #​5552
    [radarhere]

  • Add DDS saving #​5402
    [radarhere]

  • Improved getxmp() #​5455
    [radarhere]

  • Convert to float for comparison with float in IFDRational eq #​5412
    [radarhere]

  • Allow getexif() to access TIFF tag_v2 data #​5416
    [radarhere]

  • Read FITS image mode and size #​5405
    [radarhere]

  • Merge parallel horizontal edges in ImagingDrawPolygon #​5347
    [radarhere, hrdrq]

  • Use transparency behind first GIF frame and when disposing to background #​5557
    [radarhere, zewt]

  • Avoid unstable nature of qsort in Quant.c #​5367
    [radarhere]

  • Copy palette to new images in ImageOps expand #​5551
    [radarhere]

  • Ensure palette string matches RGB mode #​5549
    [radarhere]

  • Do not modify EXIF of original image instance in exif_transpose() #​5547
    [radarhere]

  • Fixed default numresolution for small JPEG2000 images #​5540
    [radarhere]

  • Added DDS BC5 reading #​5501
    [radarhere]

  • Raise an error if ImageDraw.textbbox is used without a TrueType font #​5510
    [radarhere]

  • Added ICO saving in BMP format #​5513
    [radarhere]

  • Ensure PNG seeks to end of previous chunk at start of load_end #​5493
    [radarhere]

  • Do not allow TIFF to seek to a past frame #​5473
    [radarhere]

  • Avoid race condition when displaying images with eog #​5507
    [mconst]

  • Added specific error messages when ink has incorrect number of bands #​5504
    [radarhere]

  • Allow converting an image to a numpy array to raise errors #​5379
    [radarhere]

  • Removed DPI rounding from BMP, JPEG, PNG and WMF loading #​5476, #​5470
    [radarhere]

  • Remove spikes when drawing thin pieslices #​5460
    [xtsm]

  • Updated default value for SAMPLESPERPIXEL TIFF tag #​5452
    [radarhere]

  • Removed TIFF DPI rounding #​5446
    [radarhere, hugovk]

  • Include code in WebP error #​5471
    [radarhere]

  • Do not alter pixels outside mask when drawing text on an image with transparency #​5434
    [radarhere]

  • Reset handle when seeking backwards in TIFF #​5443
    [radarhere]

  • Replace sys.stdout with sys.stdout.buffer when saving #​5437
    [radarhere]

  • Fixed UNDEFINED TIFF tag of length 0 being changed in roundtrip #​5426
    [radarhere]

  • Fixed bug when checking FreeType2 version if it is not installed #​5445
    [radarhere]

  • Do not round dimensions when saving PDF #​5459
    [radarhere]

  • Added ImageOps contain() #​5417
    [radarhere, hugovk]

  • Changed WebP default "method" value to 4 #​5450
    [radarhere]

  • Switched to saving 1-bit PDFs with DCTDecode #​5430
    [radarhere]

  • Use bpp from ICO header #​5429
    [radarhere]

  • Corrected JPEG APP14 transform value #​5408
    [radarhere]

  • Changed TIFF tag 33723 length to 1 #​5425
    [radarhere]

  • Changed ImageMorph incorrect mode errors to ValueError #​5414
    [radarhere]

  • Add EXIF tags specified in EXIF 2.32 #​5419
    [gladiusglad]

  • Treat previous contents of first GIF frame as transparent #​5391
    [radarhere]

  • For special image modes, revert default resize resampling to NEAREST #​5411
    [radarhere]

  • JPEG2000: Support decoding subsampled RGB and YCbCr images #​4996
    [nulano, radarhere]

  • Stop decoding BC1 punchthrough alpha in BC2&3 #​4144
    [jansol]

  • Use zero if GIF background color index is missing #​5390
    [radarhere]

  • Fixed ensuring that GIF previous frame was loaded #​5386
    [radarhere]

  • Valgrind fixes #​5397
    [wiredfool]

  • Round down the radius in rounded_rectangle #​5382
    [radarhere]

  • Fixed reading uncompressed RGB data from DDS #​5383
    [radarhere]

v8.2.0

  • Added getxmp() method #​5144
    [UrielMaD, radarhere]

  • Add ImageShow support for GraphicsMagick #​5349
    [latosha-maltba, radarhere]

  • Do not load transparent pixels from subsequent GIF frames #​5333
    [zewt, radarhere]

  • Use LZW encoding when saving GIF images #​5291
    [raygard]

  • Set all transparent colors to be equal in quantize() #​5282
    [radarhere]

  • Allow PixelAccess to use Python int when parsing x and y #​5206
    [radarhere]

  • Removed Image._MODEINFO #​5316
    [radarhere]

  • Add preserve_tone option to autocontrast #​5350
    [elejke, radarhere]

  • Fixed linear_gradient and radial_gradient I and F modes #​5274
    [radarhere]

  • Add support for reading TIFFs with PlanarConfiguration=2 #​5364
    [kkopachev, wiredfool, nulano]

  • Deprecated categories #​5351
    [radarhere]

  • Do not premultiply alpha when resizing with Image.NEAREST resampling #​5304
    [nulano]

  • Dynamically link FriBiDi instead of Raqm #​5062
    [nulano]

  • Allow fewer PNG palette entries than the bit depth maximum when saving #​5330
    [radarhere]

  • Use duration from info dictionary when saving WebP #​5338
    [radarhere]

  • Stop flattening EXIF IFD into getexif() #​4947
    [radarhere, kkopachev]

  • Replaced tiff_deflate with tiff_adobe_deflate compression when saving TIFF images #​5343
    [radarhere]

  • Save ICC profile from TIFF encoderinfo #​5321
    [radarhere]

  • Moved RGB fix inside ImageQt class #​5268
    [radarhere]

  • Allow alpha_composite destination to be negative #​5313
    [radarhere]

  • Ensure file is closed if it is opened by ImageQt.ImageQt #​5260
    [radarhere]

  • Added ImageDraw rounded_rectangle method #​5208
    [radarhere]

  • Added IPythonViewer #​5289
    [radarhere, Kipkurui-mutai]

  • Only draw each rectangle outline pixel once #​5183
    [radarhere]

  • Use mmap instead of built-in Win32 mapper #​5224
    [radarhere, cgohlke]

  • Handle PCX images with an odd stride #​5214
    [radarhere]

  • Only read different sizes for "Large Thumbnail" MPO frames #​5168
    [radarhere]

  • Added PyQt6 support #​5258
    [radarhere]

  • Changed Image.open formats parameter to be case-insensitive #​5250
    [Piolie, radarhere]

  • Deprecate Tk/Tcl 8.4, to be removed in Pillow 10 (2023-07-01) #​5216
    [radarhere]

  • Added tk version to pilinfo #​5226
    [radarhere, nulano]

  • Support for ignoring tests when running valgrind #​5150
    [wiredfool, radarhere, hugovk]

  • OSS-Fuzz support #​5189
    [wiredfool, radarhere]

v8.1.2

v8.1.1

  • Use more specific regex chars to prevent ReDoS. CVE-2021-25292
    [hugovk]

  • Fix OOB Read in TiffDecode.c, and check the tile validity before reading. CVE-2021-25291
    [wiredfool]

  • Fix negative size read in TiffDecode.c. CVE-2021-25290
    [wiredfool]

  • Fix OOB read in SgiRleDecode.c. CVE-2021-25293
    [wiredfool]

  • Incorrect error code checking in TiffDecode.c. CVE-2021-25289
    [wiredfool]

  • PyModule_AddObject fix for Python 3.10 #​5194
    [radarhere]

v8.1.0

  • Fix TIFF OOB Write error. CVE-2020-35654 #​5175
    [wiredfool]

  • Fix for Read Overflow in PCX Decoding. CVE-2020-35653 #​5174
    [wiredfool, radarhere]

  • Fix for SGI Decode buffer overrun. CVE-2020-35655 #​5173
    [wiredfool, radarhere]

  • Fix OOB Read when saving GIF of xsize=1 #​5149
    [wiredfool]

  • Makefile updates #​5159
    [wiredfool, radarhere]

  • Add support for PySide6 #​5161
    [hugovk]

  • Use disposal settings from previous frame in APNG #​5126
    [radarhere]

  • Added exception explaining that repr_png saves to PNG #​5139
    [radarhere]

  • Use previous disposal method in GIF load_end #​5125
    [radarhere]

  • Allow putpalette to accept 1024 integers to include alpha values #​5089
    [radarhere]

  • Fix OOB Read when writing TIFF with custom Metadata #​5148
    [wiredfool]

  • Added append_images support for ICO #​4568
    [ziplantil, radarhere]

  • Block TIFFTAG_SUBIFD #​5120
    [radarhere]

  • Fixed dereferencing potential null pointers #​5108, #​5111
    [cgohlke, radarhere]

  • Deprecate FreeType 2.7 #​5098
    [hugovk, radarhere]

  • Moved warning to end of execution #​4965
    [radarhere]

  • Removed unused fromstring and tostring C methods #​5026
    [radarhere]

  • init() if one of the formats is unrecognised #​5037
    [radarhere]

  • Moved string_dimension CVE image to pillow-depends #​4993
    [radarhere]

  • Support raw rgba8888 for DDS #​4760
    [qiankanglai]

v8.0.1

  • Update FreeType used in binary wheels to 2.10.4 to fix CVE-2020-15999.
    [radarhere]

  • Moved string_dimension image to pillow-depends #​4993
    [radarhere]

v8.0.0

  • Drop support for EOL Python 3.5 #​4746, #​4794
    [hugovk, radarhere, nulano]

  • Drop support for PyPy3 < 7.2.0 #​4964
    [nulano]

  • Remove ImageCms.CmsProfile attributes deprecated since 3.2.0 #​4768
    [hugovk, radarhere]

  • Remove long-deprecated Image.py functions #​4798
    [hugovk, nulano, radarhere]

  • Add support for 16-bit precision JPEG quantization values #​4918
    [gofr]

  • Added reading of IFD tag type #​4979
    [radarhere]

  • Initialize offset memory for PyImagingPhotoPut #​4806
    [nqbit]

  • Fix TiffDecode comparison warnings #​4756
    [nulano]

  • Docs: Add dark mode #​4968
    [hugovk, nulano]

  • Added macOS SDK install path to library and include directories #​4974
    [radarhere, fxcoudert]

  • Imaging.h: prevent confusion with system #​4923
    [ax3l, radarhere]

  • Avoid using pkg_resources in PIL.features.pilinfo #​4975
    [nulano]

  • Add getlength and getbbox functions for TrueType fonts #​4959
    [nulano, radarhere, hugovk]

  • Allow tuples with one item to give single color value in getink #​4927
    [radarhere, nulano]

  • Add support for CBDT and COLR fonts #​4955
    [nulano, hugovk]

  • Removed OSError in favour of DecompressionBombError for BMP #​4966
    [radarhere]

  • Implemented another ellipse drawing algorithm #​4523
    [xtsm, radarhere]

  • Removed unused JpegImagePlugin._fixup_dict function #​4957
    [radarhere]

  • Added reading and writing of private PNG chunks #​4292
    [radarhere]

  • Implement anchor for TrueType fonts #​4930
    [nulano, hugovk]

  • Fixed bug in Exif delitem #​4942
    [radarhere]

  • Fix crash in ImageTk.PhotoImage on MinGW 64-bit #​4946
    [nulano]

  • Moved CVE images to pillow-depends #​4929
    [radarhere]

  • Refactor font_getsize and font_render #​4910
    [nulano]

  • Fixed loading profile with non-ASCII path on Windows #​4914
    [radarhere]

  • Fixed effect_spread bug for zero distance #​4908
    [radarhere, hugovk]

  • Added formats parameter to Image.open #​4837
    [nulano, radarhere]

  • Added regular_polygon draw method #​4846
    [comhar]

  • Raise proper TypeError in putpixel #​4882
    [nulano, hugovk]

  • Added writing of subIFDs #​4862
    [radarhere]

  • Fix IFDRational eq bug #​4888
    [luphord, radarhere]

  • Fixed duplicate variable name #​4885
    [liZe, radarhere]

  • Added homebrew zlib include directory #​4842
    [radarhere]

  • Corrected inverted PDF CMYK colors #​4866
    [radarhere]

  • Do not try to close file pointer if file pointer is empty #​4823
    [radarhere]

  • ImageOps.autocontrast: add mask parameter #​4843
    [navneeth, hugovk]

  • Read EXIF data tEXt chunk into info as bytes instead of string #​4828
    [radarhere]

  • Replaced distutils with setuptools #​4797, #​4809, #​4814, #​4817, #​4829, #​4890
    [hugovk, radarhere]

  • Add MIME type to PsdImagePlugin #​4788
    [samamorgan]

  • Allow ImageOps.autocontrast to specify low and high cutoffs separately #​4749
    [millionhz, radarhere]

v7.2.0

  • Do not convert I;16 images when showing PNGs #​4744
    [radarhere]

  • Fixed ICNS file pointer saving #​4741
    [radarhere]

  • Fixed loading non-RGBA mode APNGs with dispose background #​4742
    [radarhere]

  • Deprecated _showxv #​4714
    [radarhere]

  • Deprecate Image.show(command="...") #​4646
    [nulano, hugovk, radarhere]

  • Updated JPEG magic number #​4707
    [Cykooz, radarhere]

  • Change STRIPBYTECOUNTS to LONG if necessary when saving #​4626
    [radarhere, hugovk]

  • Write JFIF header when saving JPEG #​4639
    [radarhere]

  • Replaced tiff_jpeg with jpeg compression when saving TIFF images #​4627
    [radarhere]

  • Writing TIFF tags: improved BYTE, added UNDEFINED #​4605
    [radarhere]

  • Consider transparency when pasting text on an RGBA image #​4566
    [radarhere]

  • Added method argument to single frame WebP saving #​4547
    [radarhere]

  • Use ImageFileDirectory_v2 in Image.Exif #​4637
    [radarhere]

  • Corrected reading EXIF metadata without prefix #​4677
    [radarhere]

  • Fixed drawing a jointed line with a sequence of numeric values #​4580
    [radarhere]

  • Added support for 1-D NumPy arrays #​4608
    [radarhere]

  • Parse orientation from XMP tags #​4560
    [radarhere]

  • Speed up text layout by not rendering glyphs #​4652
    [nulano]

  • Fixed ZeroDivisionError in Image.thumbnail #​4625
    [radarhere]

  • Replaced TiffImagePlugin DEBUG with logging #​4550
    [radarhere]

  • Fix repeatedly loading .gbr #​4620
    [ElinksFr, radarhere]

  • JPEG: Truncate icclist instead of setting to None #​4613
    [homm]

  • Fixes default offset for Exif #​4594
    [rodrigob, radarhere]

  • Fixed bug when unpickling TIFF images #​4565
    [radarhere]

  • Fix pickling WebP #​4561
    [hugovk, radarhere]

  • Replace IOError and WindowsError aliases with OSError #​4536
    [hugovk, radarhere]

v7.1.2

  • Raise an EOFError when seeking too far in PNG #​4528
    [radarhere]

v7.1.1

v7.1.0

  • Fix multiple OOB reads in FLI decoding #​4503
    [wiredfool]

  • Fix buffer overflow in SGI-RLE decoding #​4504
    [wiredfool, hugovk]

  • Fix bounds overflow in JPEG 2000 decoding #​4505
    [wiredfool]

  • Fix bounds overflow in PCX decoding #​4506
    [wiredfool]

  • Fix 2 buffer overflows in TIFF decoding #​4507
    [wiredfool]

  • Add APNG support #​4243
    [pmrowla, radarhere, hugovk]

  • ImageGrab.grab() for Linux with XCB #​4260
    [nulano, radarhere]

  • Added three new channel operations #​4230
    [dwastberg, radarhere]

  • Prevent masking of Image reduce method in Jpeg2KImagePlugin #​4474
    [radarhere, homm]

  • Added reading of earlier ImageMagick PNG EXIF data #​4471
    [radarhere]

  • Fixed endian handling for I;16 getextrema #​4457
    [radarhere]

  • Release buffer if function returns prematurely #​4381
    [radarhere]

  • Add JPEG comment to info dictionary #​4455
    [radarhere]

  • Fix size calculation of Image.thumbnail() #​4404
    [orlnub123]

  • Fixed stroke on FreeType < 2.9 #​4401
    [radarhere]

  • If present, only use alpha channel for bounding box #​4454
    [radarhere]

  • Warn if an unknown feature is passed to features.check() #​4438
    [jdufresne]

  • Fix Name field length when saving IM images #​4424
    [hugovk, radarhere]

  • Allow saving of zero quality JPEG images #​4440
    [radarhere]

  • Allow explicit zero width to hide outline #​4334
    [radarhere]

  • Change ContainerIO return type to match file object mode #​4297
    [jdufresne, radarhere]

  • Only draw each polygon pixel once #​4333
    [radarhere]

  • Add support for shooting situation Exif IFD tags #​4398
    [alexagv]

  • Handle multiple and malformed JPEG APP13 markers #​4370
    [homm]

  • Depends: Update libwebp to 1.1.0 #​4342, libjpeg to 9d #​4352
    [radarhere]

v7.0.0

  • Drop support for EOL Python 2.7 #​4109
    [hugovk, radarhere, jdufresne]

  • Fix rounding error on RGB to L conversion #​4320
    [homm]

  • Exif writing fixes: Rational boundaries and signed/unsigned types #​3980
    [kkopachev, radarhere]

  • Allow loading of WMF images at a given DPI #​4311
    [radarhere]

  • Added reduce operation #​4251
    [homm]

  • Raise ValueError for io.StringIO in Image.open #​4302
    [radarhere, hugovk]

  • Fix thumbnail geometry when DCT scaling is used #​4231
    [homm, radarhere]

  • Use default DPI when exif provides invalid x_resolution #​4147
    [beipang2, radarhere]

  • Change default resize resampling filter from NEAREST to BICUBIC #​4255
    [homm]

  • Fixed black lines on upscaled images with the BOX filter #​4278
    [homm]

  • Better thumbnail aspect ratio preservation #​4256
    [homm]

  • Add La mode packing and unpacking #​4248
    [homm]

  • Include tests in coverage reports #​4173
    [hugovk]

  • Handle broken Photoshop data #​4239
    [radarhere]

  • Raise a specific exception if no data is found for an MPO frame #​4240
    [radarhere]

  • Fix Unicode support for PyPy #​4145
    [nulano]

  • Added UnidentifiedImageError #​4182
    [radarhere, hugovk]

  • Remove deprecated version from plugins #​4197
    [hugovk, radarhere]

  • Fixed freeing unallocated pointer when resizing with height too large #​4116
    [radarhere]

  • Copy info in Image.transform #​4128
    [radarhere]

  • Corrected DdsImagePlugin setting info gamma #​4171
    [radarhere]

  • Depends: Update libtiff to 4.1.0 #​4195, Tk Tcl to 8.6.10 #​4229, libimagequant to 2.12.6 #​4318
    [radarhere]

  • Improve handling of file resources #​3577
    [jdufresne]

  • Removed CI testing of Fedora 29 #​4165
    [hugovk]

  • Added pypy3 to tox envlist #​4137
    [jdufresne]

  • Drop support for EOL PyQt4 and PySide #​4108
    [hugovk, radarhere]

  • Removed deprecated setting of TIFF image sizes #​4114
    [radarhere]

  • Removed deprecated PILLOW_VERSION #​4107
    [hugovk]

  • Changed default frombuffer raw decoder args #​1730
    [radarhere]

v6.2.2

  • This is the last Pillow release to support Python 2.7 #​3642

  • Overflow checks for realloc for tiff decoding. CVE-2020-5310
    [wiredfool, radarhere]

  • Catch SGI buffer overrun. CVE-2020-5311
    [radarhere]

  • Catch PCX P mode buffer overrun. CVE-2020-5312
    [radarhere]

  • Catch FLI buffer overrun. CVE-2020-5313
    [radarhere]

  • Raise an error for an invalid number of bands in FPX image. CVE-2019-19911
    [wiredfool, radarhere]

v6.2.1

  • Add support for Python 3.8 #​4141
    [hugovk]

v6.2.0

  • Catch buffer overruns #​4104
    [radarhere]

  • Initialize rows_per_strip when RowsPerStrip tag is missing #​4034
    [cgohlke, radarhere]

  • Raise error if TIFF dimension is a string #​4103
    [radarhere]

  • Added decompression bomb checks #​4102
    [radarhere]

  • Fix ImageGrab.grab DPI scaling on Windows 10 version 1607+ #​4000
    [nulano, radarhere]

  • Corrected negative seeks #​4101
    [radarhere]

  • Added argument to capture all screens on Windows #​3950
    [nulano, radarhere]

  • Updated warning to specify when Image.frombuffer defaults will change #​4086
    [radarhere]

  • Changed WindowsViewer format to PNG #​4080
    [radarhere]

  • Use TIFF orientation #​4063
    [radarhere]

  • Raise the same error if a truncated image is loaded a second time #​3965
    [radarhere]

  • Lazily use ImageFileDirectory_v1 values from Exif #​4031
    [radarhere]

  • Improved HSV conversion #​4004
    [radarhere]

  • Added text stroking #​3978
    [radarhere, hugovk]

  • No more deprecated bdist_wininst .exe installers #​4029
    [hugovk]

  • Do not allow floodfill to extend into negative coordinates #​4017
    [radarhere]

  • Fixed arc drawing bug for a non-whole number of degrees #​4014
    [radarhere]

  • Fix bug when merging identical images to GIF with a list of durations #​4003
    [djy0, radarhere]

  • Fix bug in TIFF loading of BufferedReader #​3998
    [chadawagner]

  • Added fallback for finding ld on MinGW Cygwin #​4019
    [radarhere]

  • Remove indirect dependencies from requirements.txt #​3976
    [hugovk]

  • Depends: Update libwebp to 1.0.3 #​3983, libimagequant to 2.12.5 [#​3993](https://


Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.
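The three container advisories listed above (CVE-2021-27921 for BLP, CVE-2021-27922 for ICNS, CVE-2021-27923 for ICO) describe the same failure: a size read from the file was trusted before memory was allocated for it. The check below is an added example written for this page, not code from Pillow or from this PR. It parses only the ICO directory and the header of each embedded BMP or PNG payload, and refuses the file before any decoder runs if a payload lies outside the file or its claimed pixel count exceeds a budget. The sample files are constructed inline; MAX_PIXELS and the rule that the one-byte directory size must agree with the embedded header are this example's policy choices, not a format requirement.

```python
import struct

# Pixel budget for untrusted input; this example's choice. Pillow's own
# decompression-bomb limit applies only after its plugin has parsed the header.
MAX_PIXELS = 50_000_000

ICONDIR = struct.Struct("<HHH")               # reserved, type (1 icon / 2 cursor), count
ICONDIRENTRY = struct.Struct("<BBBBHHII")     # w, h, colours, reserved, planes, bpp, size, offset
BITMAPINFOHEADER = struct.Struct("<IiiHHII")  # biSize, biWidth, biHeight, planes, bpp, compression, biSizeImage
PNG_MAGIC = b"\x89PNG\r\n\x1a\n"


class UnsafeImage(ValueError):
    """Raised when a container's claims cannot be honoured safely."""


def _declared_size(payload):
    """Width/height an embedded ICO payload claims, read from its header only."""
    if payload.startswith(PNG_MAGIC):
        # First chunk must be IHDR: length(4) 'IHDR'(4) width(4) height(4), big-endian.
        if len(payload) < 24 or payload[12:16] != b"IHDR":
            raise UnsafeImage("PNG payload does not start with IHDR")
        return struct.unpack(">II", payload[16:24])
    if len(payload) < BITMAPINFOHEADER.size:
        raise UnsafeImage("DIB payload shorter than BITMAPINFOHEADER")
    hdr_size, width, height, _planes, _bpp, _comp, _ = BITMAPINFOHEADER.unpack_from(payload)
    if hdr_size < 40:
        raise UnsafeImage(f"unsupported DIB header size {hdr_size}")
    # An ICO-embedded DIB stacks the XOR image and the AND mask, so biHeight is
    # twice the icon height; a negative height only flips the row order.
    return width, abs(height) // 2


def check_ico(blob):
    """Validate every ICO directory entry against the file and the pixel budget.
    Returns the (width, height) of each embedded image, or raises UnsafeImage.
    Only headers are parsed; nothing is decoded."""
    if len(blob) < ICONDIR.size:
        raise UnsafeImage("truncated ICONDIR")
    reserved, kind, count = ICONDIR.unpack_from(blob)
    if reserved != 0 or kind not in (1, 2) or count == 0:
        raise UnsafeImage("not an ICO/CUR header, or no images")
    dir_end = ICONDIR.size + count * ICONDIRENTRY.size
    if dir_end > len(blob):
        raise UnsafeImage(f"directory claims {count} entries beyond end of file")
    sizes = []
    for i in range(count):
        w8, h8, _, _, _, _, size, offset = ICONDIRENTRY.unpack_from(blob, ICONDIR.size + i * ICONDIRENTRY.size)
        # Python ints: offset + size cannot wrap here the way a 32-bit C sum can.
        if size == 0 or offset < dir_end or offset + size > len(blob):
            raise UnsafeImage(f"entry {i}: payload [{offset}, {offset + size}) outside {len(blob)}-byte file")
        width, height = _declared_size(blob[offset:offset + size])
        if width <= 0 or height <= 0:
            raise UnsafeImage(f"entry {i}: non-positive size {width}x{height}")
        if width * height > MAX_PIXELS:
            raise UnsafeImage(f"entry {i}: header claims {width}x{height} pixels, over budget")
        # Strict policy of this example: the one-byte directory size (0 means 256)
        # must match the embedded header, so a small outer claim cannot hide a huge inner one.
        if (w8 or 256, h8 or 256) != (width, height):
            raise UnsafeImage(f"entry {i}: directory says {w8 or 256}x{h8 or 256}, payload says {width}x{height}")
        sizes.append((width, height))
    return sizes


def audit(blob):
    """(True, sizes) when the file passes, (False, reason) when it is refused."""
    try:
        return True, check_ico(blob)
    except UnsafeImage as exc:
        return False, str(exc)


# Constructed sample files for this example, not real-world icons.
def _dib(width, icon_height, body=b""):
    """40-byte BITMAPINFOHEADER for an ICO payload (biHeight doubled) plus optional pixel bytes."""
    header = BITMAPINFOHEADER.pack(40, width, icon_height * 2, 1, 32, 0, len(body))
    return header + b"\x00" * 16 + body   # remaining four DWORDs of the header

def _png_ihdr(width, height):
    """PNG signature plus an IHDR chunk; CRC left zero since only the header is read."""
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 6, 0, 0, 0)
    return PNG_MAGIC + struct.pack(">I", 13) + b"IHDR" + ihdr + b"\x00" * 4

def _ico(entries):
    """Assemble an ICO from (dir_width, dir_height, payload) tuples."""
    directory, payloads = b"", b""
    offset = ICONDIR.size + len(entries) * ICONDIRENTRY.size
    for dir_w, dir_h, payload in entries:
        directory += ICONDIRENTRY.pack(dir_w % 256, dir_h % 256, 0, 0, 1, 32, len(payload), offset)
        payloads += payload
        offset += len(payload)
    return ICONDIR.pack(0, 1, len(entries)) + directory + payloads

BENIGN_ICO = _ico([(1, 1, _dib(1, 1, body=b"\x00" * 8))])       # 1x1: 4 XOR + 4 AND bytes
HUGE_DIB_ICO = _ico([(16, 16, _dib(100_000, 100_000))])         # 62-byte file claiming 10^10 pixels
HUGE_PNG_ICO = _ico([(256, 256, _png_ihdr(1 << 20, 1 << 20))])  # same trick via an embedded PNG
TRUNCATED_ICO = BENIGN_ICO[:-4]                                  # directory points past the end

if __name__ == "__main__":
    for name, blob in [("benign", BENIGN_ICO), ("huge dib", HUGE_DIB_ICO),
                       ("huge png", HUGE_PNG_ICO), ("truncated", TRUNCATED_ICO)]:
        print(f"{name:>10}: {audit(blob)}")
```

Run `audit()` over an upload before handing the bytes to Pillow; the 62-byte `HUGE_DIB_ICO` is refused for claiming 10^10 pixels even though every byte of it is inside the file. This kind of pre-check is a complement to the upgrade, not a substitute for it: the other advisories on this page are out-of-bounds reads and heap overflows inside the decoders themselves, which no header check can catch, so decoding untrusted images should also run under a memory limit and a timeout in a process you can afford to lose.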

@renovate renovate bot force-pushed the renovate/pypi-Pillow-vulnerability branch from 7868c36 to 4114690 on June 14, 2021 22:08
@renovate renovate bot force-pushed the renovate/pypi-Pillow-vulnerability branch from 4114690 to 98383b0 on March 7, 2022 11:42
@renovate renovate bot changed the title from "Update dependency Pillow to v8 [SECURITY]" to "Update dependency Pillow to v9 [SECURITY]" on Mar 7, 2022
@renovate renovate bot force-pushed the renovate/pypi-Pillow-vulnerability branch from 98383b0 to f38d70a on March 26, 2022 15:48
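The v9.0.0 release note above, "Restrict builtins for ImageMath.eval(). CVE-2022-22817", concerns an API that evaluates a caller-supplied expression string. The following is an added example, not Pillow's implementation and not part of this PR: it places the common "empty `__builtins__`" mitigation, which still leaves attribute access on every value open, beside an AST-whitelist evaluator that accepts only arithmetic, comparisons and listed function calls over named operands. Operands are plain numbers here rather than images; `FUNCTIONS`, the node whitelist, `MAX_NODES` and `MAX_EXPONENT` are this example's assumptions.

```python
import ast
import operator

# Operators an expression may use; any other AST node type is rejected.
_BIN_OPS = {
    ast.Add: operator.add, ast.Sub: operator.sub, ast.Mult: operator.mul,
    ast.Div: operator.truediv, ast.FloorDiv: operator.floordiv, ast.Mod: operator.mod,
    ast.Pow: operator.pow, ast.BitAnd: operator.and_, ast.BitOr: operator.or_,
    ast.BitXor: operator.xor, ast.LShift: operator.lshift, ast.RShift: operator.rshift,
}
_UNARY_OPS = {ast.USub: operator.neg, ast.UAdd: operator.pos, ast.Invert: operator.invert}
_CMP_OPS = {ast.Lt: operator.lt, ast.LtE: operator.le, ast.Gt: operator.gt,
            ast.GtE: operator.ge, ast.Eq: operator.eq, ast.NotEq: operator.ne}
FUNCTIONS = {"abs": abs, "min": min, "max": max}  # callable by plain name; assumed set
MAX_NODES = 200       # bounds expression size
MAX_EXPONENT = 1024   # bounds the cost of **, so 9**9**9 cannot pin the CPU


class UnsafeExpression(ValueError):
    pass


def restricted_eval(expression, env):
    """The mitigation to avoid: eval() with builtins stripped. Names such as
    __import__ disappear, but attribute access on any value still works."""
    return eval(expression, {"__builtins__": {}}, dict(env))


def safe_eval(expression, env):
    """Evaluate arithmetic over the names in env through an AST whitelist.
    Attribute access, subscripts, lambdas, strings and unlisted calls are refused."""
    try:
        tree = ast.parse(expression, mode="eval")
    except SyntaxError as exc:
        raise UnsafeExpression(f"syntax error: {exc.msg}") from None
    if sum(1 for _ in ast.walk(tree)) > MAX_NODES:
        raise UnsafeExpression("expression too large")
    return _eval(tree.body, env)


def _eval(node, env):
    if isinstance(node, ast.Constant) and isinstance(node.value, (int, float)):
        return node.value
    if isinstance(node, ast.Name):
        if node.id not in env:
            raise UnsafeExpression(f"unknown operand {node.id!r}")
        return env[node.id]
    if isinstance(node, ast.UnaryOp) and type(node.op) in _UNARY_OPS:
        return _UNARY_OPS[type(node.op)](_eval(node.operand, env))
    if isinstance(node, ast.BinOp) and type(node.op) in _BIN_OPS:
        left, right = _eval(node.left, env), _eval(node.right, env)
        if isinstance(node.op, ast.Pow) and abs(right) > MAX_EXPONENT:
            raise UnsafeExpression("exponent too large")
        return _BIN_OPS[type(node.op)](left, right)
    if isinstance(node, ast.Compare) and len(node.ops) == 1 and type(node.ops[0]) in _CMP_OPS:
        return _CMP_OPS[type(node.ops[0])](_eval(node.left, env), _eval(node.comparators[0], env))
    if isinstance(node, ast.Call):
        if not isinstance(node.func, ast.Name) or node.func.id not in FUNCTIONS or node.keywords:
            raise UnsafeExpression("only listed functions may be called, by plain name")
        return FUNCTIONS[node.func.id](*(_eval(arg, env) for arg in node.args))
    # Everything else: Attribute (().__class__ ...), Subscript, Lambda, IfExp, str constants, ...
    raise UnsafeExpression(f"disallowed syntax: {type(node).__name__}")


def rejects(expression, env=None):
    """True if safe_eval refuses the expression."""
    try:
        safe_eval(expression, env or {})
    except UnsafeExpression:
        return True
    return False


if __name__ == "__main__":
    env = {"a": 1, "b": 2, "c": 3}
    print(safe_eval("(a + b) * 2 - abs(-c)", env))            # 3
    print(restricted_eval("().__class__.__name__", env))     # 'tuple': builtins gone, attributes not
    for expr in ["__import__('os')", "().__class__.__mro__", "9**9**9", "a if b else c"]:
        print(f"{expr!r:28} rejected={rejects(expr, env)}")
```

The design point is that the whitelist is on syntax, not on names: `restricted_eval` blocks `__import__` only to let `().__class__.__mro__` through, because an object's attributes are reachable without any builtin. `safe_eval` never calls `eval()` at all, so the only code that can run is the handful of operators and functions listed at the top.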
@renovate renovate bot commented Mar 24, 2023

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

Labels: None yet
Projects: None yet
Development: None yet
1 participant