Eric Soroos 
							
						 
					 
					
						
						
						
						
							
						
						
							a3a69c8385 
							
						 
					 
					
						
						
							
							conditional mark for valgrind ignore  
						
						
						
					 
					
						2021-04-09 23:53:24 +02:00 
						 
				 
			
				
					
						
							
							
								Tanner Davis 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							8c38c80bb1 
							
						 
					 
					
						
						
							
							Now the rst link to the Image class should work  
						
						
						
					 
					
						2021-04-09 11:47:29 -06:00 
						 
				 
			
				
					
						
							
							
								Tanner Davis 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							8da6eef073 
							
						 
					 
					
						
						
							
							Made sure the rst link to the Image class was correct  
						
						
						
					 
					
						2021-04-09 11:09:16 -06:00 
						 
				 
			
				
					
						
							
							
								Tanner Davis 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							ef3de6bf4f 
							
						 
					 
					
						
						
							
							PDF format docs, append_images param update [ci skip]  
						
						... 
						
						
						
						Made sure it is documented that both the `append_images` and `save_all` params must be set. Just setting `append_images` does not work. 
						
					 
					
						2021-04-09 10:53:33 -06:00 
						 
				 
			
				
					
						
							
							
								Andrew Murray 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							356681faae 
							
						 
					 
					
						
						
							
							Merge pull request  #5393  from hugovk/test-redos  
						
						... 
						
						
						
						Add test for CVE-2021-25292 ReDoS 
						
					 
					
						2021-04-09 23:34:11 +10:00 
						 
				 
			
				
					
						
							
							
								Eric Soroos 
							
						 
					 
					
						
						
						
						
							
						
						
							441e6426ae 
							
						 
					 
					
						
						
							
							Initialize buffer with 0, fixes valgrind undefined behavior issues  
						
						
						
					 
					
						2021-04-09 13:41:23 +02:00 
						 
				 
			
				
					
						
							
							
								Eric Soroos 
							
						 
					 
					
						
						
						
						
							
						
						
							43aa6ade6f 
							
						 
					 
					
						
						
							
							Local valgrind test target  
						
						
						
					 
					
						2021-04-09 13:39:28 +02:00 
						 
				 
			
				
					
						
							
							
								Andrew Murray 
							
						 
					 
					
						
						
						
						
							
						
						
							04df6e3bf1 
							
						 
					 
					
						
						
							
							mapdepth is only 1 byte  
						
						
						
					 
					
						2021-04-09 21:38:28 +10:00 
						 
				 
			
				
					
						
							
							
								Hugo van Kemenade 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							b01fd46fe6 
							
						 
					 
					
						
						
							
							Merge pull request  #5395  from radarhere/python3  
						
						
						
					 
					
						2021-04-09 13:43:45 +03:00 
						 
				 
			
				
					
						
							
							
								Andrew Murray 
							
						 
					 
					
						
						
						
						
							
						
						
							714d6c8cd3 
							
						 
					 
					
						
						
							
							Removed shebang line  
						
						
						
					 
					
						2021-04-09 19:10:53 +10:00 
						 
				 
			
				
					
						
							
							
								Andrew Murray 
							
						 
					 
					
						
						
						
						
							
						
						
							b8c8375d0c 
							
						 
					 
					
						
						
							
							Use python3 in shebang line  
						
						
						
					 
					
						2021-04-09 19:10:36 +10:00 
						 
				 
			
				
					
						
							
							
								Hugo van Kemenade 
							
						 
					 
					
						
						
						
						
							
						
						
							bde149be38 
							
						 
					 
					
						
						
							
							Add test for CVE-2021-25292 ReDoS  
						
						
						
					 
					
						2021-04-08 23:53:22 +03:00 
						 
				 
			
				
					
						
							
							
								Andrew Murray 
							
						 
					 
					
						
						
						
						
							
						
						
							3cb2413066 
							
						 
					 
					
						
						
							
							Use zero if background color index is missing  
						
						
						
					 
					
						2021-04-08 08:04:20 +10:00 
						 
				 
			
				
					
						
							
							
								Hugo van Kemenade 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							75c111903c 
							
						 
					 
					
						
						
							
							Merge pull request  #5382  from radarhere/rounded_rectangle  
						
						... 
						
						
						
						Round down the radius in rounded_rectangle 
						
					 
					
						2021-04-07 19:31:19 +03:00 
						 
				 
			
				
					
						
							
							
								Andrew Murray 
							
						 
					 
					
						
						
						
						
							
						
						
							97207a8b19 
							
						 
					 
					
						
						
							
							Update CHANGES.rst [ci skip]  
						
						
						
					 
					
						2021-04-07 19:20:35 +10:00 
						 
				 
			
				
					
						
							
							
								Hugo van Kemenade 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							eeddc06305 
							
						 
					 
					
						
						
							
							Merge pull request  #5383  from radarhere/dds  
						
						
						
					 
					
						2021-04-07 12:15:02 +03:00 
						 
				 
			
				
					
						
							
							
								Andrew Murray 
							
						 
					 
					
						
						
						
						
							
						
						
							d661e438f6 
							
						 
					 
					
						
						
							
							Fixed ensuring that previous frame was loaded  
						
						
						
					 
					
						2021-04-06 19:31:51 +10:00 
						 
				 
			
				
					
						
							
							
								Andrew Murray 
							
						 
					 
					
						
						
						
						
							
						
						
							9d489f69ae 
							
						 
					 
					
						
						
							
							Removed duplicate word in error message  
						
						
						
					 
					
						2021-04-05 19:34:00 +10:00 
						 
				 
			
				
					
						
							
							
								Andrew Murray 
							
						 
					 
					
						
						
						
						
							
						
						
							56dfc4a956 
							
						 
					 
					
						
						
							
							Added 301 and 532 to core tags  
						
						
						
					 
					
						2021-04-05 19:01:13 +10:00 
						 
				 
			
				
					
						
							
							
								Andrew Murray 
							
						 
					 
					
						
						
						
						
							
						
						
							d06871d543 
							
						 
					 
					
						
						
							
							Set mode of three channel uncompressed RGB data to RGB  
						
						
						
					 
					
						2021-04-05 17:58:02 +10:00 
						 
				 
			
				
					
						
							
							
								Andrew Murray 
							
						 
					 
					
						
						
						
						
							
						
						
							6f87faf0ee 
							
						 
					 
					
						
						
							
							Reversed rawmode for uncompressed RGB data  
						
						
						
					 
					
						2021-04-05 17:54:34 +10:00 
						 
				 
			
				
					
						
							
							
								Andrew Murray 
							
						 
					 
					
						
						
						
						
							
						
						
							92edc29439 
							
						 
					 
					
						
						
							
							Round down the radius in rounded_rectangle  
						
						
						
					 
					
						2021-04-05 08:54:06 +10:00 
						 
				 
			
				
					
						
							
							
								Hugo van Kemenade 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							e2ac1d1c34 
							
						 
					 
					
						
						
							
							Merge pull request  #5380  from radarhere/accept  
						
						
						
					 
					
						2021-04-03 16:23:39 +03:00 
						 
				 
			
				
					
						
							
							
								Andrew Murray 
							
						 
					 
					
						
						
						
						
							
						
						
							60da129d4b 
							
						 
					 
					
						
						
							
							Replaced register_open lambdas with _accept method for consistency  
						
						
						
					 
					
						2021-04-03 21:51:28 +11:00 
						 
				 
			
				
					
						
							
							
								Andrew Murray 
							
						 
					 
					
						
						
						
						
							
						
						
							d4f9c6e082 
							
						 
					 
					
						
						
							
							Renamed register_open accept methods for consistency  
						
						
						
					 
					
						2021-04-03 21:51:23 +11:00 
						 
				 
			
				
					
						
							
							
								Andrew Murray 
							
						 
					 
					
						
						
						
						
							
						
						
							77a8a53a94 
							
						 
					 
					
						
						
							
							Allow converting an image to a numpy array to raise errors  
						
						
						
					 
					
						2021-04-03 13:20:58 +11:00 
						 
				 
			
				
					
						
							
							
								Andrew Murray 
							
						 
					 
					
						
						
						
						
							
						
						
							3c129142c8 
							
						 
					 
					
						
						
							
							Catch OSError  
						
						
						
					 
					
						2021-04-03 09:34:56 +11:00 
						 
				 
			
				
					
						
							
							
								Andrew Murray 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							39fe85f308 
							
						 
					 
					
						
						
							
							Merge branch 'master' into jp2-decode-subsample  
						
						
						
					 
					
						2021-04-03 09:26:55 +11:00 
						 
				 
			
				
					
						
							
							
								Hugo van Kemenade 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							ee079ae67e 
							
						 
					 
					
						
						
							
							Merge pull request  #5378  from radarhere/fedora  
						
						... 
						
						
						
						Removed Fedora 32 docker job 
						
					 
					
						2021-04-02 13:10:36 +03:00 
						 
				 
			
				
					
						
							
							
								Andrew Murray 
							
						 
					 
					
						
						
						
						
							
						
						
							a69430047b 
							
						 
					 
					
						
						
							
							Renamed function  
						
						
						
					 
					
						2021-04-02 21:06:10 +11:00 
						 
				 
			
				
					
						
							
							
								Andrew Murray 
							
						 
					 
					
						
						
						
						
							
						
						
							6764650e2a 
							
						 
					 
					
						
						
							
							Reduced memory usage  
						
						
						
					 
					
						2021-04-02 20:48:06 +11:00 
						 
				 
			
				
					
						
							
							
								Andrew Murray 
							
						 
					 
					
						
						
						
						
							
						
						
							ed8064df22 
							
						 
					 
					
						
						
							
							Removed Fedora 32 docker job  
						
						
						
					 
					
						2021-04-02 18:07:03 +11:00 
						 
				 
			
				
					
						
							
							
								Hugo van Kemenade 
							
						 
					 
					
						
						
						
						
							
						
						
							330f77ae7a 
							
						 
					 
					
						
						
							
							8.3.0.dev0 version bump  
						
						
						
					 
					
						2021-04-01 23:56:43 +03:00 
						 
				 
			
				
					
						
							
							
								Hugo van Kemenade 
							
						 
					 
					
						
						
						
						
							
						
						
							e0e353c0ef 
							
						 
					 
					
						
						
							
							8.2.0 version bump  
						
						
						
					 
					
						2021-04-01 20:58:27 +03:00 
						 
				 
			
				
					
						
							
							
								Andrew Murray 
							
						 
					 
					
						
						
						
						
							
						
						
							6541bd7cb5 
							
						 
					 
					
						
						
							
							Added second attribute to avoid unstable nature of qsort  
						
						
						
					 
					
						2021-04-02 04:07:18 +11:00 
						 
				 
			
				
					
						
							
							
								Andrew Murray 
							
						 
					 
					
						
						
						
						
							
						
						
							7387ec23ac 
							
						 
					 
					
						
						
							
							Revert "Removed return value of build_distance_tables"  
						
						... 
						
						
						
						This reverts commit a4a38b805b 
						
					 
					
						2021-04-02 04:07:18 +11:00 
						 
				 
			
				
					
						
							
							
								Hugo van Kemenade 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							ee635befc6 
							
						 
					 
					
						
						
							
							Merge pull request  #5377  from hugovk/security-and-release-notes  
						
						... 
						
						
						
						Security fixes for 8.2.0 
						
					 
					
						2021-04-01 20:00:22 +03:00 
						 
				 
			
				
					
						
							
							
								Hugo van Kemenade 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							694c84f88f 
							
						 
					 
					
						
						
							
							Fix typo [ci skip]  
						
						... 
						
						
						
						Co-authored-by: Andrew Murray <3112309+radarhere@users.noreply.github.com> 
						
					 
					
						2021-04-01 20:00:13 +03:00 
						 
				 
			
				
					
						
							
							
								Hugo van Kemenade 
							
						 
					 
					
						
						
						
						
							
						
						
							8febdad8dd 
							
						 
					 
					
						
						
							
							Review, typos and lint  
						
						
						
					 
					
						2021-04-01 17:41:46 +03:00 
						 
				 
			
				
					
						
							
							
								Hugo van Kemenade 
							
						 
					 
					
						
						
						
						
							
						
						
							fea419665b 
							
						 
					 
					
						
						
							
							Reorder, roughly alphabetic  
						
						
						
					 
					
						2021-04-01 17:26:24 +03:00 
						 
				 
			
				
					
						
							
							
								Eric Soroos 
							
						 
					 
					
						
						
						
						
							
						
						
							496245aa43 
							
						 
					 
					
						
						
							
							Fix BLP DOS -- CVE-2021-28678  
						
						... 
						
						
						
						* BlpImagePlugin did not properly check that reads after jumping to
  file offsets returned data. This could lead to a DOS where the
  decoder could be run a large number of times on empty data
* This dates to Pillow 5.1.0 
						
					 
					
						2021-04-01 17:17:35 +03:00 
						 
				 
			
				
					
						
							
							
								Eric Soroos 
							
						 
					 
					
						
						
						
						
							
						
						
							22e9bee4ef 
							
						 
					 
					
						
						
							
							Fix DOS in PSDImagePlugin -- CVE-2021-28675  
						
						... 
						
						
						
						* PSDImagePlugin did not sanity check the number of input layers and
  vs the size of the data block, this could lead to a DOS on
  Image.open prior to Image.load.
* This issue dates to the PIL fork 
						
					 
					
						2021-04-01 17:17:31 +03:00 
						 
				 
			
				
					
						
							
							
								Eric Soroos 
							
						 
					 
					
						
						
						
						
							
						
						
							ba65f0b08e 
							
						 
					 
					
						
						
							
							Fix Memory DOS in ImageFont  
						
						... 
						
						
						
						* A corrupt or specially crafted TTF font could have font metrics that
  lead to unreasonably large sizes when rendering text in
  font. ImageFont.py did not check the image size before allocating
  memory for it.
* Found with oss-fuzz
* This dates from the PIL fork 
						
					 
					
						2021-04-01 17:17:27 +03:00 
						 
				 
			
				
					
						
							
							
								Eric Soroos 
							
						 
					 
					
						
						
						
						
							
						
						
							bb6c11fb88 
							
						 
					 
					
						
						
							
							Fix FLI DOS -- CVE-2021-28676  
						
						... 
						
						
						
						* FliDecode did not properly check that the block advance was
  non-zero, potentally leading to an infinite loop on load.
* This dates to the PIL Fork
* Found with oss-fuzz 
						
					 
					
						2021-04-01 17:17:23 +03:00 
						 
				 
			
				
					
						
							
							
								Eric Soroos 
							
						 
					 
					
						
						
						
						
							
						
						
							5a5e6db0ab 
							
						 
					 
					
						
						
							
							Fix EPS DOS on _open -- CVE-2021-28677  
						
						... 
						
						
						
						* The readline used in EPS has to deal with any combination of \r and
  \n as line endings. It used an accidentally quadratic method of
  accumulating lines while looking for a line ending.
* A malicious EPS file could use this to perform a DOS of Pillow in
  the open phase, before an image was accepted for opening.
* This dates to the PIL Fork 
						
					 
					
						2021-04-01 17:17:18 +03:00 
						 
				 
			
				
					
						
							
							
								Eric Soroos 
							
						 
					 
					
						
						
						
						
							
						
						
							3bf5eddb89 
							
						 
					 
					
						
						
							
							Fix OOB Read in Jpeg2KDecode CVE-2021-25287,CVE-2021-25288  
						
						... 
						
						
						
						* For J2k images with multiple bands, it's legal in to have different
  widths for each band, e.g. 1 byte for L, 4 bytes for A
* This dates to Pillow 2.4.0 
						
					 
					
						2021-04-01 17:17:13 +03:00 
						 
				 
			
				
					
						
							
							
								Hugo van Kemenade 
							
						 
					 
					
						
						
						
						
							
						
						
							8ec027867f 
							
						 
					 
					
						
						
							
							Add security release notes  
						
						
						
					 
					
						2021-04-01 17:15:44 +03:00 
						 
				 
			
				
					
						
							
							
								Hugo van Kemenade 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							ef5f294d74 
							
						 
					 
					
						
						
							
							Merge pull request  #5376  from radarhere/xmp  
						
						
						
					 
					
						2021-04-01 15:38:11 +03:00 
						 
				 
			
				
					
						
							
							
								Andrew Murray 
							
						 
					 
					
						
						
						
						
							
						
						
							ae7110a85d 
							
						 
					 
					
						
						
							
							Added release notes [ci skip]  
						
						
						
					 
					
						2021-04-01 23:18:30 +11:00 
						 
				 
			
				
					
						
							
							
								Andrew Murray 
							
						 
					 
					
						
						
						
						
							
						
						
							e12d5042ad 
							
						 
					 
					
						
						
							
							Adjusted docstring  
						
						
						
					 
					
						2021-04-01 22:28:42 +11:00