Sourced from pillow's releases.

9.1.1

This release addresses several security problems.

CVE-2022-30595: When reading a TGA file with RLE packets that cross scan lines, Pillow reads the information past the end of the first line without deducting that from the length of the remaining file data. This vulnerability was introduced in Pillow 9.1.0, and can cause a heap buffer overflow.

Opening an image with a zero or negative height has been found to bypass a decompression bomb check. This will now raise a SyntaxError instead, in turn raising a PIL.UnidentifiedImageError.

9.1.0

https://pillow.readthedocs.io/en/stable/releasenotes/9.1.0.html

Changes

• Add support for multiple component transformation to JPEG2000 #5500 [@​scaramallion]
• Fix loading FriBiDi on Alpine #6165 [@​nulano]
• Added setting for converting GIF P frames to RGB #6150 [@​radarhere]
• Allow 1 mode images to be inverted #6034 [@​radarhere]
• Raise ValueError when trying to save empty JPEG #6159 [@​radarhere]
• Always save TIFF with contiguous planar configuration #5973 [@​radarhere]
• Connected discontiguous polygon corners #5980 [@​radarhere]
• Corrected memory allocation #5958 [@​radarhere]
• Ensure Tkinter hook is activated for getimage() #6032 [@​radarhere]
• Fixed comparison warnings #5970 [@​radarhere]
• Use screencapture arguments to crop on macOS #6152 [@​radarhere]
• Do not mark L mode JPEG as 1 bit in PDF #6151 [@​radarhere]
• Fixed saving L mode GIF with background as WebP #6147 [@​radarhere]
• Do not expand GIF during n_frames #6148 [@​radarhere]
• Added support for reading I;16R TIFF images #6132 [@​radarhere]
• If an error occurs after creating a file, remove the file #6134 [@​radarhere]
• decode() should return -1 when finished #6130 [@​radarhere]
• Fixed calling DisplayViewer or XVViewer without a title #6136 [@​radarhere]
• Retain RGBA transparency when saving multiple GIF frames #6128 [@​radarhere]
• Save additional ICO frames with other bit depths if supplied #6122 [@​radarhere]
• Handle EXIF data truncated to just the header #6124 [@​radarhere]
• Added support for reading BMP images with RLE8 compression #6102 [@​radarhere]
• Support Python distributions where _tkinter is compiled in #6006 [@​lukegb]
• Added WebP default duration of zero when saving #6140 [@​radarhere]
• Added support for PPM arbitrary maxval #6119 [@​radarhere]
• Removed unused variable #6137 [@​radarhere]
• libwebp 1.2.2 fixed endian bugs #5984 [@​radarhere]
• Added BigTIFF reading #6097 [@​radarhere]
• GIF seek performance improvements #6077 [@​radarhere]
• Removed load_prepare nearly identical to ImageFile load_prepare #6116 [@​radarhere]
• When converting, clip I;16 to be unsigned, not signed #6112 [@​radarhere]
• Check if self.im is not None #6108 [@​radarhere]
• Fixed loading L mode GIF with transparency #6086 [@​radarhere]
• Ensure cleanup() is called for PyEncoders #6096 [@​radarhere]
• Various _accept changes #6092 [@​radarhere]
• Improved handling of PPM header #5121 [@​Piolie]
• Reset size when seeking away from "Large Thumbnail" MPO frame #6101 [@​radarhere]

... (truncated)

Sourced from pillow's changelog.

9.1.1 (2022-05-17)

• When reading past the end of a TGA scan line, reduce bytes left. CVE-2022-30595 [radarhere]

• Do not open images with zero or negative height #6269 [radarhere]

9.1.0 (2022-04-01)

• Add support for multiple component transformation to JPEG2000 #5500 [scaramallion, radarhere, hugovk]

• Fix loading FriBiDi on Alpine #6165 [nulano]

• Added setting for converting GIF P frames to RGB #6150 [radarhere]

• Allow 1 mode images to be inverted #6034 [radarhere]

• Raise ValueError when trying to save empty JPEG #6159 [radarhere]

• Always save TIFF with contiguous planar configuration #5973 [radarhere]

• Connected discontiguous polygon corners #5980 [radarhere]

• Ensure Tkinter hook is activated for getimage() #6032 [radarhere]

• Use screencapture arguments to crop on macOS #6152 [radarhere]

• Do not mark L mode JPEG as 1 bit in PDF #6151 [radarhere]

• Added support for reading I;16R TIFF images #6132 [radarhere]

• If an error occurs after creating a file, remove the file #6134 [radarhere]

• Fixed calling DisplayViewer or XVViewer without a title #6136 [radarhere]

... (truncated)

• 0f44136 9.1.1 version bump
• f66f5e1 pre-commit: update Black to fix Click
• 0153b37 Skip test_realloc_overflow unless libtiff 4.0.4 or higher
• 6fcd31b Added release notes for 9.1.1
• c846cc8 When reading past the end of a scan line, reduce bytes left
• 184b73e Do not open images with zero or negative height
• 5d07022 Update CHANGES.rst [ci skip]
• 1e0bc4a 9.1.0 version bump
• 0606f02 Merge pull request #6168 from hugovk/release-notes
• 703f54c Merge pull request #5500 from scaramallion/dev-j2k
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from pillow's releases.

9.1.0

https://pillow.readthedocs.io/en/stable/releasenotes/9.1.0.html

Changes

• Add support for multiple component transformation to JPEG2000 #5500 [@​scaramallion]
• Fix loading FriBiDi on Alpine #6165 [@​nulano]
• Added setting for converting GIF P frames to RGB #6150 [@​radarhere]
• Allow 1 mode images to be inverted #6034 [@​radarhere]
• Raise ValueError when trying to save empty JPEG #6159 [@​radarhere]
• Always save TIFF with contiguous planar configuration #5973 [@​radarhere]
• Connected discontiguous polygon corners #5980 [@​radarhere]
• Corrected memory allocation #5958 [@​radarhere]
• Ensure Tkinter hook is activated for getimage() #6032 [@​radarhere]
• Fixed comparison warnings #5970 [@​radarhere]
• Use screencapture arguments to crop on macOS #6152 [@​radarhere]
• Do not mark L mode JPEG as 1 bit in PDF #6151 [@​radarhere]
• Fixed saving L mode GIF with background as WebP #6147 [@​radarhere]
• Do not expand GIF during n_frames #6148 [@​radarhere]
• Added support for reading I;16R TIFF images #6132 [@​radarhere]
• If an error occurs after creating a file, remove the file #6134 [@​radarhere]
• decode() should return -1 when finished #6130 [@​radarhere]
• Fixed calling DisplayViewer or XVViewer without a title #6136 [@​radarhere]
• Retain RGBA transparency when saving multiple GIF frames #6128 [@​radarhere]
• Save additional ICO frames with other bit depths if supplied #6122 [@​radarhere]
• Handle EXIF data truncated to just the header #6124 [@​radarhere]
• Added support for reading BMP images with RLE8 compression #6102 [@​radarhere]
• Support Python distributions where _tkinter is compiled in #6006 [@​lukegb]
• Added WebP default duration of zero when saving #6140 [@​radarhere]
• Added support for PPM arbitrary maxval #6119 [@​radarhere]
• Removed unused variable #6137 [@​radarhere]
• libwebp 1.2.2 fixed endian bugs #5984 [@​radarhere]
• Added BigTIFF reading #6097 [@​radarhere]
• GIF seek performance improvements #6077 [@​radarhere]
• Removed load_prepare nearly identical to ImageFile load_prepare #6116 [@​radarhere]
• When converting, clip I;16 to be unsigned, not signed #6112 [@​radarhere]
• Check if self.im is not None #6108 [@​radarhere]
• Fixed loading L mode GIF with transparency #6086 [@​radarhere]
• Ensure cleanup() is called for PyEncoders #6096 [@​radarhere]
• Various _accept changes #6092 [@​radarhere]
• Improved handling of PPM header #5121 [@​Piolie]
• Reset size when seeking away from "Large Thumbnail" MPO frame #6101 [@​radarhere]
• Replace requirements.txt with extras #6072 [@​hugovk]
• Added PyEncoder and support BLP saving #6069 [@​radarhere]
• Handle TGA images with packets that cross scan lines #6087 [@​radarhere]
• Added FITS reading #6056 [@​radarhere]
• Added rawmode argument to Image.getpalette() #6061 [@​radarhere]
• Fixed BUFR, GRIB and HDF5 stub saving #6071 [@​radarhere]
• Changed quantize default dither to FLOYDSTEINBERG #6068 [@​radarhere]

... (truncated)

Sourced from pillow's changelog.

9.1.0 (2022-04-01)

• Fix loading FriBiDi on Alpine #6165 [nulano]

• Added setting for converting GIF P frames to RGB #6150 [radarhere]

• Allow 1 mode images to be inverted #6034 [radarhere]

• Raise ValueError when trying to save empty JPEG #6159 [radarhere]

• Always save TIFF with contiguous planar configuration #5973 [radarhere]

• Connected discontiguous polygon corners #5980 [radarhere]

• Ensure Tkinter hook is activated for getimage() #6032 [radarhere]

• Use screencapture arguments to crop on macOS #6152 [radarhere]

• Do not mark L mode JPEG as 1 bit in PDF #6151 [radarhere]

• Added support for reading I;16R TIFF images #6132 [radarhere]

• If an error occurs after creating a file, remove the file #6134 [radarhere]

• Fixed calling DisplayViewer or XVViewer without a title #6136 [radarhere]

• Retain RGBA transparency when saving multiple GIF frames #6128 [radarhere]

• Save additional ICO frames with other bit depths if supplied #6122 [radarhere]

• Handle EXIF data truncated to just the header #6124 [radarhere]

• Added support for reading BMP images with RLE8 compression #6102 [radarhere]

... (truncated)

• 5d07022 Update CHANGES.rst [ci skip]
• 1e0bc4a 9.1.0 version bump
• 0606f02 Merge pull request #6168 from hugovk/release-notes
• 703f54c Merge pull request #5500 from scaramallion/dev-j2k
• 4181f49 Wording
• 78c389e Merge pull request #6169 from radarhere/freetype
• 081c3ba Updated freetype to 2.12
• 31e08c8 Wording
• e0de5b6 Document mct and no_jp2 options for saving JPEG 2000
• 698f529 Parametrized test
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from pillow's releases.

9.2.0

https://pillow.readthedocs.io/en/stable/releasenotes/9.2.0.html

Changes

• Fixed null check for fribidi_version_info in FriBiDi shim #6376 [@​nulano]
• Added GIF decompression bomb check #6402 [@​radarhere]
• Handle PCF fonts files with less than 256 characters #6386 [@​dawidcrivelli]
• Improved GIF optimize condition #6378 [@​raygard]
• Reverted to array_interface with the release of NumPy 1.23 #6394 [@​radarhere]
• Pad PCX palette to 768 bytes when saving #6391 [@​radarhere]
• Fixed bug with rounding pixels to palette colors #6377 [@​btrekkie]
• Use gnome-screenshot on Linux if available #6361 [@​radarhere]
• Fixed loading L mode BMP RLE8 images #6384 [@​radarhere]
• Fixed incorrect operator in ImageCms error #6370 [@​LostBenjamin]
• Limit FPX tile size to avoid extending outside image #6368 [@​radarhere]
• Added support for decoding plain PPM formats #5242 [@​Piolie]
• Added apply_transparency() #6352 [@​radarhere]
• Fixed behaviour change from endian fix #6197 [@​radarhere]
• Use python3 #6222 [@​radarhere]
• Allow remapping P images with RGBA palettes #6350 [@​radarhere]
• Revert "Skip test_realloc_overflow unless libtiff 4.0.4 or higher" #6354 [@​radarhere]
• [pre-commit.ci] pre-commit autoupdate #6353 [@​pre-commit-ci]
• Only import ImageFont in ImageDraw when necessary #6341 [@​radarhere]
• Fixed drawing translucent 1px high polygons #6278 [@​radarhere]
• Pad COLORMAP to 768 items when saving TIFF #6232 [@​radarhere]
• Fix P -> PA conversion #6337 [@​RedShy]
• Once exif data is parsed, do not reload unless it changes #6335 [@​radarhere]
• Only try to connect discontiguous corners at the end of edges #6303 [@​radarhere]
• Improve transparency handling when saving GIF images #6176 [@​radarhere]
• Do not update GIF frame position until local image is found #6219 [@​radarhere]
• Netscape GIF extension belongs after the global color table #6211 [@​radarhere]
• Only write GIF comments at the beginning of the file #6300 [@​raygard]
• Separate multiple GIF comment blocks with newlines #6294 [@​raygard]
• Always use GIF89a for comments #6292 [@​raygard]
• Ignore compression value from BMP info dictionary when saving as TIFF #6231 [@​radarhere]
• If font is file-like object, do not re-read from object to get variant #6234 [@​radarhere]
• Raise ValueError when trying to access internal fp after close #6213 [@​radarhere]
• Support more affine expression forms in im.point() #6254 [@​benrg]
• Include 'twine check' in 'make sdist' #6305 [@​hugovk]
• Ensure that furthest v is set in quantize2 #6256 [@​radarhere]

Dependencies

• Updated harfbuzz to 4.4.1 #6401 [@​radarhere]
• Updated harfbuzz to 4.4.0 #6397 [@​radarhere]
• Use SourceForge auto mirror capability #6345 [@​raygard]
• Updated libtiff to 4.4.0 #6339 [@​radarhere]
• Updated harfbuzz to 4.3.0 #6315 [@​radarhere]

... (truncated)

Sourced from pillow's changelog.

9.2.0 (2022-07-01)

• Deprecate ImageFont.getsize and related functions #6381 [nulano, radarhere]

• Fixed null check for fribidi_version_info in FriBiDi shim #6376 [nulano]

• Added GIF decompression bomb check #6402 [radarhere]

• Handle PCF fonts files with less than 256 characters #6386 [dawidcrivelli, radarhere]

• Improved GIF optimize condition #6378 [raygard, radarhere]

• Reverted to array_interface with the release of NumPy 1.23 #6394 [radarhere]

• Pad PCX palette to 768 bytes when saving #6391 [radarhere]

• Fixed bug with rounding pixels to palette colors #6377 [btrekkie, radarhere]

• Use gnome-screenshot on Linux if available #6361 [radarhere, nulano]

• Fixed loading L mode BMP RLE8 images #6384 [radarhere]

• Fixed incorrect operator in ImageCms error #6370 [LostBenjamin, hugovk, radarhere]

• Limit FPX tile size to avoid extending outside image #6368 [radarhere]

• Added support for decoding plain PPM formats #5242 [Piolie, radarhere]

• Added apply_transparency() #6352 [radarhere]

• Fixed behaviour change from endian fix #6197 [radarhere]

• Allow remapping P images with RGBA palettes #6350 [radarhere]

... (truncated)

• 58acec3 Update CHANGES.rst [ci skip]
• dc518ac 9.2.0 version bump
• 488589b Merge pull request #6381 from nulano/deprecate-getsize
• 8a6050e Replaced internal argument with warning filters
• 79329fb Merge pull request #6408 from radarhere/furo
• 4ca99f7 Install furo if it is not available
• 729fe6f Updated indentation
• 74e0b95 test {ImageFont,TransposedFont}.getsize() deprecation
• a37c21e document planned removal date for ImageFont deprecations and release notes
• ad5271d Document replacements for individual deprecated font methods
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from pillow's releases.

9.0.1

https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html

Changes

• In show_file, use os.remove to remove temporary images. CVE-2022-24303 #6010 [@​radarhere, @​hugovk]
• Restrict builtins within lambdas for ImageMath.eval. CVE-2022-22817 #6009 [radarhere]

Sourced from pillow's changelog.

9.0.1 (2022-02-03)

• In show_file, use os.remove to remove temporary images. CVE-2022-24303 #6010 [radarhere, hugovk]

• Restrict builtins within lambdas for ImageMath.eval. CVE-2022-22817 #6009 [radarhere]

• 6deac9e 9.0.1 version bump
• c04d812 Update CHANGES.rst [ci skip]
• 4fabec3 Added release notes for 9.0.1
• 02affaa Added delay after opening image with xdg-open
• ca0b585 Updated formatting
• 427221e In show_file, use os.remove to remove temporary images
• c930be0 Restrict builtins within lambdas for ImageMath.eval
• 75b69dd Dont need to pin for GHA
• cd938a7 Autolink CWE numbers with sphinx-issues
• 2e9c461 Add CVE IDs
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from pillow's releases.

9.0.0

https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html

Changes

• Restrict builtins for ImageMath.eval() #5923 [@​radarhere]
• Ensure JpegImagePlugin stops at the end of a truncated file #5921 [@​radarhere]
• Fixed ImagePath.Path array handling #5920 [@​radarhere]
• Remove consecutive duplicate tiles that only differ by their offset #5919 [@​radarhere]
• Removed redundant part of condition #5915 [@​radarhere]
• Explicitly enable strip chopping for large uncompressed TIFFs #5517 [@​kmilos]
• Use the Windows method to get TCL functions on Cygwin #5807 [@​DWesl]
• Changed error type to allow for incremental WebP parsing #5404 [@​radarhere]
• Improved I;16 operations on big endian #5901 [@​radarhere]
• Ensure that BMP pixel data offset does not ignore palette #5899 [@​radarhere]
• Limit quantized palette to number of colors #5879 [@​radarhere]
• Use latin1 encoding to decode bytes #5870 [@​radarhere]
• Fixed palette index for zeroed color in FASTOCTREE quantize #5869 [@​radarhere]
• When saving RGBA to GIF, make use of first transparent palette entry #5859 [@​radarhere]
• Pass SAMPLEFORMAT to libtiff #5848 [@​radarhere]
• Added rounding when converting P and PA #5824 [@​radarhere]
• Improved putdata() documentation and data handling #5910 [@​radarhere]
• Exclude carriage return in PDF regex to help prevent ReDoS #5912 [@​radarhere]
• Image.NONE is only used for resampling and dithers #5908 [@​radarhere]
• Fixed freeing pointer in ImageDraw.Outline.transform #5909 [@​radarhere]
• Add Tidelift alignment action and badge #5763 [@​aclark4life]
• Replaced further direct invocations of setup.py #5906 [@​radarhere]
• Added ImageShow support for xdg-open #5897 [@​m-shinder]
• Fixed typo #5902 [@​radarhere]
• Switched from deprecated "setup.py install" to "pip install ." #5896 [@​radarhere]
• Support 16-bit grayscale ImageQt conversion #5856 [@​cmbruns]
• Fixed raising OSError in _safe_read when size is greater than SAFEBLOCK #5872 [@​radarhere]
• Convert subsequent GIF frames to RGB or RGBA #5857 [@​radarhere]
• WebP: Fix memory leak during decoding on failure #5798 [@​ilai-deutel]
• Do not prematurely return in ImageFile when saving to stdout #5665 [@​infmagic2047]
• Added support for top right and bottom right TGA orientations #5829 [@​radarhere]
• Corrected ICNS file length in header #5845 [@​radarhere]
• Block tile TIFF tags when saving #5839 [@​radarhere]
• Added line width argument to ImageDraw polygon #5694 [@​radarhere]
• Do not redeclare class each time when converting to NumPy #5844 [@​radarhere]
• Only prevent repeated polygon pixels when drawing with transparency #5835 [@​radarhere]
• Fix pushes_fd method signature #5833 [@​hoodmane]
• Add support for pickling TrueType fonts #5826 [@​hugovk]
• Only prefer command line tools SDK on macOS over default MacOSX SDK #5828 [@​radarhere]
• Fix compilation on 64-bit Termux #5793 [@​landfillbaby]
• Replace 'setup.py sdist' with '-m build --sdist' #5785 [@​hugovk]
• Use declarative package configuration #5784 [@​hugovk]
• Use title for display in ImageShow #5788 [@​radarhere]
• Fix for PyQt6 #5775 [@​hugovk]

... (truncated)

Sourced from pillow's changelog.

9.0.0 (2022-01-02)

• Restrict builtins for ImageMath.eval(). CVE-2022-22817 #5923 [radarhere]

• Ensure JpegImagePlugin stops at the end of a truncated file #5921 [radarhere]

• Fixed ImagePath.Path array handling. CVE-2022-22815, CVE-2022-22816 #5920 [radarhere]

• Remove consecutive duplicate tiles that only differ by their offset #5919 [radarhere]

• Improved I;16 operations on big endian #5901 [radarhere]

• Limit quantized palette to number of colors #5879 [radarhere]

• Fixed palette index for zeroed color in FASTOCTREE quantize #5869 [radarhere]

• When saving RGBA to GIF, make use of first transparent palette entry #5859 [radarhere]

• Pass SAMPLEFORMAT to libtiff #5848 [radarhere]

• Added rounding when converting P and PA #5824 [radarhere]

• Improved putdata() documentation and data handling #5910 [radarhere]

• Exclude carriage return in PDF regex to help prevent ReDoS #5912 [hugovk]

• Fixed freeing pointer in ImageDraw.Outline.transform #5909 [radarhere]

• Added ImageShow support for xdg-open #5897 [m-shinder, radarhere]

• Support 16-bit grayscale ImageQt conversion #5856 [cmbruns, radarhere]

• Convert subsequent GIF frames to RGB or RGBA #5857 [radarhere]

... (truncated)

• 82541b6 9.0.0 version bump
• cae5ac4 Merge pull request #5924 from radarhere/cves
• ed4cf78 CVEs TBD
• d7f60d1 Merge pull request #5923 from radarhere/imagemath_eval
• 8531b01 Restrict builtins for ImageMath.eval
• 1efb1d9 Merge pull request #5922 from radarhere/releasenotes
• f6c7871 Added release notes for #5919, #5920 and #5921
• 032d2dc Update CHANGES.rst [ci skip]
• baae9ec Merge pull request #5921 from radarhere/jpeg_eoi
• 1059eb5 If appended EOI did not work, do not keep trying
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from pillow's releases.

9.3.0

https://pillow.readthedocs.io/en/stable/releasenotes/9.3.0.html

Changes

• Initialize libtiff buffer when saving #6699 [@​radarhere]
• Limit SAMPLESPERPIXEL to avoid runtime DOS #6700 [@​wiredfool]
• Inline fname2char to fix memory leak #6329 [@​nulano]
• Fix memory leaks related to text features #6330 [@​nulano]
• Use double quotes for version check on old CPython on Windows #6695 [@​hugovk]
• GHA: replace deprecated set-output command with GITHUB_OUTPUT file #6697 [@​nulano]
• Remove backup implementation of Round for Windows platforms #6693 [@​cgohlke]
• Upload fribidi.dll to GitHub Actions #6532 [@​nulano]
• Fixed set_variation_by_name offset #6445 [@​radarhere]
• Windows build improvements #6562 [@​nulano]
• Fix malloc in _imagingft.c:font_setvaraxes #6690 [@​cgohlke]
• Only use ASCII characters in C source file #6691 [@​cgohlke]
• Release Python GIL when converting images using matrix operations #6418 [@​hmaarrfk]
• Added ExifTags enums #6630 [@​radarhere]
• Do not modify previous frame when calculating delta in PNG #6683 [@​radarhere]
• Added support for reading BMP images with RLE4 compression #6674 [@​npjg]
• Decode JPEG compressed BLP1 data in original mode #6678 [@​radarhere]
• pylint warnings #6659 [@​marksmayo]
• Added GPS TIFF tag info #6661 [@​radarhere]
• Added conversion between RGB/RGBA/RGBX and LAB #6647 [@​radarhere]
• Do not attempt normalization if mode is already normal #6644 [@​radarhere]
• Fixed seeking to an L frame in a GIF #6576 [@​radarhere]
• Consider all frames when selecting mode for PNG save_all #6610 [@​radarhere]
• Don't reassign crc on ChunkStream close #6627 [@​radarhere]
• Raise a warning if NumPy failed to raise an error during conversion #6594 [@​radarhere]
• Only read a maximum of 100 bytes at a time in IMT header #6623 [@​radarhere]
• Show all frames in ImageShow #6611 [@​radarhere]
• Allow FLI palette chunk to not be first #6626 [@​radarhere]
• If first GIF frame has transparency for RGB_ALWAYS loading strategy, use RGBA mode #6592 [@​radarhere]
• Round box position to integer when pasting embedded color #6517 [@​radarhere]
• Removed EXIF prefix when saving WebP #6582 [@​radarhere]
• Pad IM palette to 768 bytes when saving #6579 [@​radarhere]
• Added DDS BC6H reading #6449 [@​ShadelessFox]
• Added support for opening WhiteIsZero 16-bit integer TIFF images #6642 [@​JayWiz]
• Raise an error when allocating translucent color to RGB palette #6654 [@​jsbueno]
• Moved mode check outside of loops #6650 [@​radarhere]
• Added reading of TIFF child images #6569 [@​radarhere]
• Improved ImageOps palette handling #6596 [@​PososikTeam]
• Defer parsing of palette into colors #6567 [@​radarhere]
• Apply transparency to P images in ImageTk.PhotoImage #6559 [@​radarhere]
• Use rounding in ImageOps contain() and pad() #6522 [@​bibinhashley]
• Fixed GIF remapping to palette with duplicate entries #6548 [@​radarhere]
• Allow remap_palette() to return an image with less than 256 palette entries #6543 [@​radarhere]
• Corrected BMP and TGA palette size when saving #6500 [@​radarhere]

... (truncated)

Sourced from pillow's changelog.

9.3.0 (2022-10-29)

• Limit SAMPLESPERPIXEL to avoid runtime DOS #6700 [wiredfool]

• Initialize libtiff buffer when saving #6699 [radarhere]

• Inline fname2char to fix memory leak #6329 [nulano]

• Fix memory leaks related to text features #6330 [nulano]

• Use double quotes for version check on old CPython on Windows #6695 [hugovk]

• Remove backup implementation of Round for Windows platforms #6693 [cgohlke]

• Fixed set_variation_by_name offset #6445 [radarhere]

• Fix malloc in _imagingft.c:font_setvaraxes #6690 [cgohlke]

• Release Python GIL when converting images using matrix operations #6418 [hmaarrfk]

• Added ExifTags enums #6630 [radarhere]

• Do not modify previous frame when calculating delta in PNG #6683 [radarhere]

• Added support for reading BMP images with RLE4 compression #6674 [npjg, radarhere]

• Decode JPEG compressed BLP1 data in original mode #6678 [radarhere]

• Added GPS TIFF tag info #6661 [radarhere]

• Added conversion between RGB/RGBA/RGBX and LAB #6647 [radarhere]

• Do not attempt normalization if mode is already normal #6644 [radarhere]

... (truncated)

• d594f4c Update CHANGES.rst [ci skip]
• 909dc64 9.3.0 version bump
• 1a51ce7 Merge pull request #6699 from hugovk/security-libtiff_buffer
• 2444cdd Merge pull request #6700 from hugovk/security-samples_per_pixel-sec
• 744f455 Added release notes
• 0846bfa Add to release notes
• 799a6a0 Fix linting
• 00b25fd Hide UserWarning in logs
• 05b175e Tighter test case
• 13f2c5a Prevent DOS with large SAMPLESPERPIXEL in Tiff IFD
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)