chore(deps): update dependency pillow to v9

[dev-mend-for-github.lhy31512.workers.dev]

This PR contains the following updates:

Package	Update	Change
pillow (changelog)	major	==7.2.0 -> ==9.3.0

By merging this PR, the issue #11 will be automatically resolved and closed:

Severity	CVSS Score	CVE	Reachability
Critical	9.8	CVE-2021-25289
Critical	9.8	CVE-2021-34552
Critical	9.8	CVE-2022-22817
Critical	9.1	CVE-2021-25287
Critical	9.1	CVE-2021-25288
Critical	9.1	CVE-2022-24303
High	8.8	CVE-2020-35654
High	7.5	CVE-2021-23437
High	7.5	CVE-2021-25290
High	7.5	CVE-2021-25291
High	7.5	CVE-2021-25293
High	7.5	CVE-2021-27921
High	7.5	CVE-2021-27922
High	7.5	CVE-2021-27923
High	7.5	CVE-2021-28676
High	7.5	CVE-2021-28677
High	7.5	CVE-2022-45198
High	7.5	CVE-2022-45199
High	7.5	WS-2022-0097
High	7.1	CVE-2020-35653
Medium	6.5	CVE-2021-25292
Medium	6.5	CVE-2022-22815
Medium	6.5	CVE-2022-22816
Medium	5.5	CVE-2021-28675
Medium	5.5	CVE-2021-28678
Medium	5.4	CVE-2020-35655

---

Release Notes

python-pillow/Pillow (pillow)

v9.3.0

Compare Source

• Limit SAMPLESPERPIXEL to avoid runtime DOS #​6700
  [wiredfool]

• Initialize libtiff buffer when saving #​6699
  [radarhere]

• Inline fname2char to fix memory leak #​6329
  [nulano]

• Fix memory leaks related to text features #​6330
  [nulano]

• Use double quotes for version check on old CPython on Windows #​6695
  [hugovk]

• Remove backup implementation of Round for Windows platforms #​6693
  [cgohlke]

• Fixed set_variation_by_name offset #​6445
  [radarhere]

• Fix malloc in _imagingft.c:font_setvaraxes #​6690
  [cgohlke]

• Release Python GIL when converting images using matrix operations #​6418
  [hmaarrfk]

• Added ExifTags enums #​6630
  [radarhere]

• Do not modify previous frame when calculating delta in PNG #​6683
  [radarhere]

• Added support for reading BMP images with RLE4 compression #​6674
  [npjg, radarhere]

• Decode JPEG compressed BLP1 data in original mode #​6678
  [radarhere]

• Added GPS TIFF tag info #​6661
  [radarhere]

• Added conversion between RGB/RGBA/RGBX and LAB #​6647
  [radarhere]

• Do not attempt normalization if mode is already normal #​6644
  [radarhere]

• Fixed seeking to an L frame in a GIF #​6576
  [radarhere]

• Consider all frames when selecting mode for PNG save_all #​6610
  [radarhere]

• Don't reassign crc on ChunkStream close #​6627
  [wiredfool, radarhere]

• Raise a warning if NumPy failed to raise an error during conversion #​6594
  [radarhere]

• Show all frames in ImageShow #​6611
  [radarhere]

• Allow FLI palette chunk to not be first #​6626
  [radarhere]

• If first GIF frame has transparency for RGB_ALWAYS loading strategy, use RGBA mode #​6592
  [radarhere]

• Round box position to integer when pasting embedded color #​6517
  [radarhere, nulano]

• Removed EXIF prefix when saving WebP #​6582
  [radarhere]

• Pad IM palette to 768 bytes when saving #​6579
  [radarhere]

• Added DDS BC6H reading #​6449
  [ShadelessFox, REDxEYE, radarhere]

• Added support for opening WhiteIsZero 16-bit integer TIFF images #​6642
  [JayWiz, radarhere]

• Raise an error when allocating translucent color to RGB palette #​6654
  [jsbueno, radarhere]

• Added reading of TIFF child images #​6569
  [radarhere]

• Improved ImageOps palette handling #​6596
  [PososikTeam, radarhere]

• Defer parsing of palette into colors #​6567
  [radarhere]

• Apply transparency to P images in ImageTk.PhotoImage #​6559
  [radarhere]

• Use rounding in ImageOps contain() and pad() #​6522
  [bibinhashley, radarhere]

• Fixed GIF remapping to palette with duplicate entries #​6548
  [radarhere]

• Allow remap_palette() to return an image with less than 256 palette entries #​6543
  [radarhere]

• Corrected BMP and TGA palette size when saving #​6500
  [radarhere]

• Do not call load() before draft() in Image.thumbnail #​6539
  [radarhere]

• Copy palette when converting from P to PA #​6497
  [radarhere]

• Allow RGB and RGBA values for PA image putpixel #​6504
  [radarhere]

• Removed support for tkinter in PyPy before Python 3.6 #​6551
  [nulano]

• Do not use CCITTFaxDecode filter if libtiff is not available #​6518
  [radarhere]

• Fallback to not using mmap if buffer is not large enough #​6510
  [radarhere]

• Fixed writing bytes as ASCII tag #​6493
  [radarhere]

• Open 1 bit EPS in mode 1 #​6499
  [radarhere]

• Removed support for tkinter before Python 1.5.2 #​6549
  [radarhere]

• Allow default ImageDraw font to be set #​6484
  [radarhere, hugovk]

• Save 1 mode PDF using CCITTFaxDecode filter #​6470
  [radarhere]

• Added support for RGBA PSD images #​6481
  [radarhere]

• Parse orientation from XMP tag contents #​6463
  [bigcat88, radarhere]

• Added support for reading ATI1/ATI2 (BC4/BC5) DDS images #​6457
  [REDxEYE, radarhere]

• Do not clear GIF tile when checking number of frames #​6455
  [radarhere]

• Support saving multiple MPO frames #​6444
  [radarhere]

• Do not double quote Pillow version for setuptools >= 60 #​6450
  [radarhere]

• Added ABGR BMP mask mode #​6436
  [radarhere]

• Fixed PSDraw rectangle #​6429
  [radarhere]

• Raise ValueError if PNG sRGB chunk is truncated #​6431
  [radarhere]

• Handle missing Python executable in ImageShow on macOS #​6416
  [bryant1410, radarhere]

v9.2.0

Compare Source

• Deprecate ImageFont.getsize and related functions #​6381
  [nulano, radarhere]

• Fixed null check for fribidi_version_info in FriBiDi shim #​6376
  [nulano]

• Added GIF decompression bomb check #​6402
  [radarhere]

• Handle PCF fonts files with less than 256 characters #​6386
  [dawidcrivelli, radarhere]

• Improved GIF optimize condition #​6378
  [raygard, radarhere]

• Reverted to array_interface with the release of NumPy 1.23 #​6394
  [radarhere]

• Pad PCX palette to 768 bytes when saving #​6391
  [radarhere]

• Fixed bug with rounding pixels to palette colors #​6377
  [btrekkie, radarhere]

• Use gnome-screenshot on Linux if available #​6361
  [radarhere, nulano]

• Fixed loading L mode BMP RLE8 images #​6384
  [radarhere]

• Fixed incorrect operator in ImageCms error #​6370
  [LostBenjamin, hugovk, radarhere]

• Limit FPX tile size to avoid extending outside image #​6368
  [radarhere]

• Added support for decoding plain PPM formats #​5242
  [Piolie, radarhere]

• Added apply_transparency() #​6352
  [radarhere]

• Fixed behaviour change from endian fix #​6197
  [radarhere]

• Allow remapping P images with RGBA palettes #​6350
  [radarhere]

• Fixed drawing translucent 1px high polygons #​6278
  [radarhere]

• Pad COLORMAP to 768 items when saving TIFF #​6232
  [radarhere]

• Fix P -> PA conversion #​6337
  [RedShy, radarhere]

• Once exif data is parsed, do not reload unless it changes #​6335
  [radarhere]

• Only try to connect discontiguous corners at the end of edges #​6303
  [radarhere]

• Improve transparency handling when saving GIF images #​6176
  [radarhere]

• Do not update GIF frame position until local image is found #​6219
  [radarhere]

• Netscape GIF extension belongs after the global color table #​6211
  [radarhere]

• Only write GIF comments at the beginning of the file #​6300
  [raygard, radarhere]

• Separate multiple GIF comment blocks with newlines #​6294
  [raygard, radarhere]

• Always use GIF89a for comments #​6292
  [raygard, radarhere]

• Ignore compression value from BMP info dictionary when saving as TIFF #​6231
  [radarhere]

• If font is file-like object, do not re-read from object to get variant #​6234
  [radarhere]

• Raise ValueError when trying to access internal fp after close #​6213
  [radarhere]

• Support more affine expression forms in im.point() #​6254
  [benrg, radarhere]

• Populate Python palette in fromarray() #​6283
  [radarhere]

• Raise ValueError if PNG chunks are truncated #​6253
  [radarhere]

• Use durations from each frame by default when saving GIFs #​6265
  [radarhere]

• Adjust BITSPERSAMPLE to match SAMPLESPERPIXEL when opening TIFFs #​6270
  [radarhere]

• Search pkgconf system libs/cflags #​6138
  [jameshilliard, radarhere]

• Raise ValueError for invalid PPM maxval #​6242
  [radarhere]

• Corrected screencapture argument in ImageGrab.grab() #​6244
  [axt-one]

• Deprecate support for Qt 5 (PyQt5 and PySide2) #​6237
  [hugovk, radarhere]

• Increase wait time of temporary file deletion on Windows #​6224
  [AlexTedeschi]

• Deprecate FreeTypeFont.getmask2 fill parameter #​6220
  [nulano, radarhere, hugovk]

• Round lut values where necessary #​6188
  [radarhere]

• Load before getting size in resize() #​6190
  [radarhere]

• Load image before performing size calculations in thumbnail() #​6186
  [radarhere]

• Deprecated PhotoImage.paste() box parameter #​6178
  [radarhere]

v9.1.1

Compare Source

• When reading past the end of a TGA scan line, reduce bytes left. CVE-2022-30595
  [radarhere]

• Do not open images with zero or negative height #​6269
  [radarhere]

v9.1.0

Compare Source

• Add support for multiple component transformation to JPEG2000 #​5500
  [scaramallion, radarhere, hugovk]

• Fix loading FriBiDi on Alpine #​6165
  [nulano]

• Added setting for converting GIF P frames to RGB #​6150
  [radarhere]

• Allow 1 mode images to be inverted #​6034
  [radarhere]

• Raise ValueError when trying to save empty JPEG #​6159
  [radarhere]

• Always save TIFF with contiguous planar configuration #​5973
  [radarhere]

• Connected discontiguous polygon corners #​5980
  [radarhere]

• Ensure Tkinter hook is activated for getimage() #​6032
  [radarhere]

• Use screencapture arguments to crop on macOS #​6152
  [radarhere]

• Do not mark L mode JPEG as 1 bit in PDF #​6151
  [radarhere]

• Added support for reading I;16R TIFF images #​6132
  [radarhere]

• If an error occurs after creating a file, remove the file #​6134
  [radarhere]

• Fixed calling DisplayViewer or XVViewer without a title #​6136
  [radarhere]

• Retain RGBA transparency when saving multiple GIF frames #​6128
  [radarhere]

• Save additional ICO frames with other bit depths if supplied #​6122
  [radarhere]

• Handle EXIF data truncated to just the header #​6124
  [radarhere]

• Added support for reading BMP images with RLE8 compression #​6102
  [radarhere]

• Support Python distributions where _tkinter is compiled in #​6006
  [lukegb]

• Added support for PPM arbitrary maxval #​6119
  [radarhere]

• Added BigTIFF reading #​6097
  [radarhere]

• When converting, clip I;16 to be unsigned, not signed #​6112
  [radarhere]

• Fixed loading L mode GIF with transparency #​6086
  [radarhere]

• Improved handling of PPM header #​5121
  [Piolie, radarhere]

• Reset size when seeking away from "Large Thumbnail" MPO frame #​6101
  [radarhere]

• Replace requirements.txt with extras #​6072
  [hugovk, radarhere]

• Added PyEncoder and support BLP saving #​6069
  [radarhere]

• Handle TGA images with packets that cross scan lines #​6087
  [radarhere]

• Added FITS reading #​6056
  [radarhere, hugovk]

• Added rawmode argument to Image.getpalette() #​6061
  [radarhere]

• Fixed BUFR, GRIB and HDF5 stub saving #​6071
  [radarhere]

• Do not automatically remove temporary ImageShow files on Unix #​6045
  [radarhere]

• Correctly read JPEG compressed BLP images #​4685
  [Meithal, radarhere]

• Merged _MODE_CONV typ into ImageMode as typestr #​6057
  [radarhere]

• Consider palette size when converting and in getpalette() #​6060
  [radarhere]

• Added enums #​5954
  [radarhere]

• Ensure image is opaque after converting P to PA with RGB palette #​6052
  [radarhere]

• Attach RGBA palettes from putpalette() when suitable #​6054
  [radarhere]

• Added get_photoshop_blocks() to parse Photoshop TIFF tag #​6030
  [radarhere]

• Drop excess values in BITSPERSAMPLE #​6041
  [mikhail-iurkov]

• Added unpacker from RGBA;15 to RGB #​6031
  [radarhere]

• Enable arm64 for MSVC on Windows #​5811
  [gaborkertesz-linaro, gaborkertesz]

• Keep IPython/Jupyter text/plain output stable #​5891
  [shamrin, radarhere]

• Raise an error when performing a negative crop #​5972
  [radarhere, hugovk]

• Deprecated show_file "file" argument in favour of "path" #​5959
  [radarhere]

• Fixed SPIDER images for use with Bio-formats library #​5956
  [radarhere]

• Ensure duplicated file pointer is closed #​5946
  [radarhere]

• Added specific error if path coordinate type is incorrect #​5942
  [radarhere]

• Return an empty bytestring from tobytes() for an empty image #​5938
  [radarhere]

• Remove readonly from Image.eq #​5930
  [hugovk]

v9.0.1

Compare Source

• In show_file, use os.remove to remove temporary images. CVE-2022-24303 #​6010
  [radarhere, hugovk]

• Restrict builtins within lambdas for ImageMath.eval. CVE-2022-22817 #​6009
  [radarhere]

v9.0.0

Compare Source

• Restrict builtins for ImageMath.eval(). CVE-2022-22817 #​5923
  [radarhere]

• Ensure JpegImagePlugin stops at the end of a truncated file #​5921
  [radarhere]

• Fixed ImagePath.Path array handling. CVE-2022-22815, CVE-2022-22816 #​5920
  [radarhere]

• Remove consecutive duplicate tiles that only differ by their offset #​5919
  [radarhere]

• Improved I;16 operations on big endian #​5901
  [radarhere]

• Limit quantized palette to number of colors #​5879
  [radarhere]

• Fixed palette index for zeroed color in FASTOCTREE quantize #​5869
  [radarhere]

• When saving RGBA to GIF, make use of first transparent palette entry #​5859
  [radarhere]

• Pass SAMPLEFORMAT to libtiff #​5848
  [radarhere]

• Added rounding when converting P and PA #​5824
  [radarhere]

• Improved putdata() documentation and data handling #​5910
  [radarhere]

• Exclude carriage return in PDF regex to help prevent ReDoS #​5912
  [hugovk]

• Fixed freeing pointer in ImageDraw.Outline.transform #​5909
  [radarhere]

• Added ImageShow support for xdg-open #​5897
  [m-shinder, radarhere]

• Support 16-bit grayscale ImageQt conversion #​5856
  [cmbruns, radarhere]

• Convert subsequent GIF frames to RGB or RGBA #​5857
  [radarhere]

• Do not prematurely return in ImageFile when saving to stdout #​5665
  [infmagic2047, radarhere]

• Added support for top right and bottom right TGA orientations #​5829
  [radarhere]

• Corrected ICNS file length in header #​5845
  [radarhere]

• Block tile TIFF tags when saving #​5839
  [radarhere]

• Added line width argument to polygon #​5694
  [radarhere]

• Do not redeclare class each time when converting to NumPy #​5844
  [radarhere]

• Only prevent repeated polygon pixels when drawing with transparency #​5835
  [radarhere]

• Add support for pickling TrueType fonts #​5826
  [hugovk, radarhere]

• Only prefer command line tools SDK on macOS over default MacOSX SDK #​5828
  [radarhere]

• Drop support for soon-EOL Python 3.6 #​5768
  [hugovk, nulano, radarhere]

• Fix compilation on 64-bit Termux #​5793
  [landfillbaby]

• Use title for display in ImageShow #​5788
  [radarhere]

• Remove support for FreeType 2.7 and older #​5777
  [hugovk, radarhere]

• Fix for PyQt6 #​5775
  [hugovk, radarhere]

• Removed deprecated PILLOW_VERSION, Image.show command parameter, Image._showxv and ImageFile.raise_ioerror #​5776
  [radarhere]

v8.4.0

Compare Source

• Prefer global transparency in GIF when replacing with background color #​5756
  [radarhere]

• Added "exif" keyword argument to TIFF saving #​5575
  [radarhere]

• Copy Python palette to new image in quantize() #​5696
  [radarhere]

• Read ICO AND mask from end #​5667
  [radarhere]

• Actually check the framesize in FliDecode.c #​5659
  [wiredfool]

• Determine JPEG2000 mode purely from ihdr header box #​5654
  [radarhere]

• Fixed using info dictionary when writing multiple APNG frames #​5611
  [radarhere]

• Allow saving 1 and L mode TIFF with PhotometricInterpretation 0 #​5655
  [radarhere]

• For GIF save_all with palette, do not include palette with each frame #​5603
  [radarhere]

• Keep transparency when converting from P to LA or PA #​5606
  [radarhere]

• Copy palette to new image in transform() #​5647
  [radarhere]

• Added "transparency" argument to EpsImagePlugin load() #​5620
  [radarhere]

• Corrected pathlib.Path detection when saving #​5633
  [radarhere]

• Added WalImageFile class #​5618
  [radarhere]

• Consider I;16 pixel size when drawing text #​5598
  [radarhere]

• If default conversion from P is RGB with transparency, convert to RGBA #​5594
  [radarhere]

• Speed up rotating square images by 90 or 270 degrees #​5646
  [radarhere]

• Add support for reading DPI information from JPEG2000 images
  [rogermb, radarhere]

• Catch TypeError from corrupted DPI value in EXIF #​5639
  [homm, radarhere]

• Do not close file pointer when saving SGI images #​5645
  [farizrahman4u, radarhere]

• Deprecate ImagePalette size parameter #​5641
  [radarhere, hugovk]

• Prefer command line tools SDK on macOS #​5624
  [radarhere]

• Added tags when saving YCbCr TIFF #​5597
  [radarhere]

• PSD layer count may be negative #​5613
  [radarhere]

• Fixed ImageOps expand with tuple border on P image #​5615
  [radarhere]

• Fixed error saving APNG with duplicate frames and different duration times #​5609
  [thak1411, radarhere]

v8.3.2

Compare Source

• CVE-2021-23437 Raise ValueError if color specifier is too long
  [hugovk, radarhere]

• Fix 6-byte OOB read in FliDecode
  [wiredfool]

• Add support for Python 3.10 #​5569, #​5570
  [hugovk, radarhere]

• Ensure TIFF RowsPerStrip is multiple of 8 for JPEG compression #​5588
  [kmilos, radarhere]

• Updates for ImagePalette channel order #​5599
  [radarhere]

• Hide FriBiDi shim symbols to avoid conflict with real FriBiDi library #​5651
  [nulano]

v8.3.1

Compare Source

• Catch OSError when checking if fp is sys.stdout #​5585
  [radarhere]

• Handle removing orientation from alternate types of EXIF data #​5584
  [radarhere]

• Make Image.array take optional dtype argument #​5572
  [t-vi, radarhere]

v8.3.0

Compare Source

• Use snprintf instead of sprintf. CVE-2021-34552 #​5567
  [radarhere]

• Limit TIFF strip size when saving with LibTIFF #​5514
  [kmilos]

• Allow ICNS save on all operating systems #​4526
  [baletu, radarhere, newpanjing, hugovk]

• De-zigzag JPEG's DQT when loading; deprecate convert_dict_qtables #​4989
  [gofr, radarhere]

• Replaced xml.etree.ElementTree #​5565
  [radarhere]

• Moved CVE image to pillow-depends #​5561
  [radarhere]

• Added tag data for IFD groups #​5554
  [radarhere]

• Improved ImagePalette #​5552
  [radarhere]

• Add DDS saving #​5402
  [radarhere]

• Improved getxmp() #​5455
  [radarhere]

• Convert to float for comparison with float in IFDRational eq #​5412
  [radarhere]

• Allow getexif() to access TIFF tag_v2 data #​5416
  [radarhere]

• Read FITS image mode and size #​5405
  [radarhere]

• Merge parallel horizontal edges in ImagingDrawPolygon #​5347
  [radarhere, hrdrq]

• Use transparency behind first GIF frame and when disposing to background #​5557
  [radarhere, zewt]

• Avoid unstable nature of qsort in Quant.c #​5367
  [radarhere]

• Copy palette to new images in ImageOps expand #​5551
  [radarhere]

• Ensure palette string matches RGB mode #​5549
  [radarhere]

• Do not modify EXIF of original image instance in exif_transpose() #​5547
  [radarhere]

• Fixed default numresolution for small JPEG2000 images #​5540
  [radarhere]

• Added DDS BC5 reading #​5501
  [radarhere]

• Raise an error if ImageDraw.textbbox is used without a TrueType font #​5510
  [radarhere]

• Added ICO saving in BMP format #​5513
  [radarhere]

• Ensure PNG seeks to end of previous chunk at start of load_end #​5493
  [radarhere]

• Do not allow TIFF to seek to a past frame #​5473
  [radarhere]

• Avoid race condition when displaying images with eog #​5507
  [mconst]

• Added specific error messages when ink has incorrect number of bands #​5504
  [radarhere]

• Allow converting an image to a numpy array to raise errors #​5379
  [radarhere]

• Removed DPI rounding from BMP, JPEG, PNG and WMF loading #​5476, #​5470
  [radarhere]

• Remove spikes when drawing thin pieslices #​5460
  [xtsm]

• Updated default value for SAMPLESPERPIXEL TIFF tag #​5452
  [radarhere]

• Removed TIFF DPI rounding #​5446
  [radarhere, hugovk]

• Include code in WebP error #​5471
  [radarhere]

• Do not alter pixels outside mask when drawing text on an image with transparency #​5434
  [radarhere]

• Reset handle when seeking backwards in TIFF #​5443
  [radarhere]

• Replace sys.stdout with sys.stdout.buffer when saving #​5437
  [radarhere]

• Fixed UNDEFINED TIFF tag of length 0 being changed in roundtrip #​5426
  [radarhere]

• Fixed bug when checking FreeType2 version if it is not installed #​5445
  [radarhere]

• Do not round dimensions when saving PDF #​5459
  [radarhere]

• Added ImageOps contain() #​5417
  [radarhere, hugovk]

• Changed WebP default "method" value to 4 #​5450
  [radarhere]

• Switched to saving 1-bit PDFs with DCTDecode #​5430
  [radarhere]

• Use bpp from ICO header #​5429
  [radarhere]

• Corrected JPEG APP14 transform value #​5408
  [radarhere]

• Changed TIFF tag 33723 length to 1 #​5425
  [radarhere]

• Changed ImageMorph incorrect mode errors to ValueError #​5414
  [radarhere]

• Add EXIF tags specified in EXIF 2.32 #​5419
  [gladiusglad]

• Treat previous contents of first GIF frame as transparent #​5391
  [radarhere]

• For special image modes, revert default resize resampling to NEAREST #​5411
  [radarhere]

• JPEG2000: Support decoding subsampled RGB and YCbCr images #​4996
  [nulano, radarhere]

• Stop decoding BC1 punchthrough alpha in BC2&3 #​4144
  [jansol]

• Use zero if GIF background color index is missing #​5390
  [radarhere]

• Fixed ensuring that GIF previous frame was loaded #​5386
  [radarhere]

• Valgrind fixes #​5397
  [wiredfool]

• Round down the radius in rounded_rectangle #​5382
  [radarhere]

• Fixed reading uncompressed RGB data from DDS #​5383
  [radarhere]

v8.2.0

Compare Source

• Added getxmp() method #​5144
  [UrielMaD, radarhere]

• Add ImageShow support for GraphicsMagick #​5349
  [latosha-maltba, radarhere]

• Do not load transparent pixels from subsequent GIF frames #​5333
  [zewt, radarhere]

• Use LZW encoding when saving GIF images #​5291
  [raygard]

• Set all transparent colors to be equal in quantize() #​5282
  [radarhere]

• Allow PixelAccess to use Python int when parsing x and y #​5206
  [radarhere]

• Removed Image._MODEINFO #​5316
  [radarhere]

• Add preserve_tone option to autocontrast #​5350
  [elejke, radarhere]

• Fixed linear_gradient and radial_gradient I and F modes #​5274
  [radarhere]

• Add support for reading TIFFs with PlanarConfiguration=2 #​5364
  [kkopachev, wiredfool, nulano]

• Deprecated categories #​5351
  [radarhere]

• Do not premultiply alpha when resizing with Image.NEAREST resampling #​5304
  [nulano]

• Dynamically link FriBiDi instead of Raqm #​5062
  [nulano]

• Allow fewer PNG palette entries than the bit depth maximum when saving #​5330
  [radarhere]

• Use duration from info dictionary when saving WebP #​5338
  [radarhere]

• Stop flattening EXIF IFD into getexif() #​4947
  [radarhere, kkopachev]

• Replaced tiff_deflate with tiff_adobe_deflate compression when saving TIFF images #​5343
  [radarhere]

• Save ICC profile from TIFF encoderinfo #​5321
  [radarhere]

• Moved RGB fix inside ImageQt class #​5268
  [radarhere]

• Allow alpha_composite destination to be negative #​5313
  [radarhere]

• Ensure file is closed if it is opened by ImageQt.ImageQt #​5260
  [radarhere]

• Added ImageDraw rounded_rectangle method #​5208
  [radarhere]

• Added IPythonViewer #​5289
  [radarhere, Kipkurui-mutai]

• Only draw each rectangle outline pixel once #​5183
  [radarhere]

• Use mmap instead of built-in Win32 mapper #​5224
  [radarhere, cgohlke]

• Handle PCX images with an odd stride #​5214
  [radarhere]

• Only read different sizes for "Large Thumbnail" MPO frames #​5168
  [radarhere]

• Added PyQt6 support #​5258
  [radarhere]

• Changed Image.open formats parameter to be case-insensitive #​5250
  [Piolie, radarhere]

• Deprecate Tk/Tcl 8.4, to be removed in Pillow 10 (2023-07-01) #​5216
  [radarhere]

• Added tk version to pilinfo #​5226
  [radarhere, nulano]

• Support for ignoring tests when running valgrind #​5150
  [wiredfool, radarhere, hugovk]

• OSS-Fuzz support #​5189
  [wiredfool, radarhere]

v8.1.2

Compare Source

• Fix Memory DOS in BLP (CVE-2021-27921), ICNS (CVE-2021-27922) and ICO (CVE-2021-27923) Image Plugins
  [wiredfool]

v8.1.1

Compare Source

• Use more specific regex chars to prevent ReDoS. CVE-2021-25292
  [hugovk]

• Fix OOB Read in TiffDecode.c, and check the tile validity before reading. CVE-2021-25291
  [wiredfool]

• Fix negative size read in TiffDecode.c. CVE-2021-25290
  [wiredfool]

• Fix OOB read in SgiRleDecode.c. CVE-2021-25293
  [wiredfool]

• Incorrect error code checking in TiffDecode.c. CVE-2021-25289
  [wiredfool]

• PyModule_AddObject fix for Python 3.10 #​5194
  [radarhere]

v8.1.0

Compare Source

• Fix TIFF OOB Write error. CVE-2020-35654 #​5175
  [wiredfool]

• Fix for Read Overflow in PCX Decoding. CVE-2020-35653 #​5174
  [wiredfool, radarhere]

• Fix for SGI Decode buffer overrun. CVE-2020-35655 #​5173
  [wiredfool, radarhere]

• Fix OOB Read when saving GIF of xsize=1 #​5149
  [wiredfool]

• Makefile updates #​5159
  [wiredfool, radarhere]

• Add support for PySide6 #​5161
  [hugovk]

• Use disposal settings from previous frame in APNG #​5126
  [radarhere]

• Added exception explaining that repr_png saves to PNG #​5139
  [radarhere]

• Use previous disposal method in GIF load_end #​5125
  [radarhere]

• Allow putpalette to accept 1024 integers to include alpha values #​5089
  [radarhere]

• Fix OOB Read when writing TIFF with custom Metadata #​5148
  [wiredfool]

• Added append_images support for ICO #​4568
  [ziplantil, radarhere]

• Block TIFFTAG_SUBIFD #​5120
  [radarhere]

• Fixed dereferencing potential null pointers #​5108, #​5111
  [cgohlke, radarhere]

• Deprecate FreeType 2.7 #​5098
  [hugovk, radarhere]

• Moved warning to end of execution #​4965
  [radarhere]

• Removed unused fromstring and tostring C methods #​5026
  [radarhere]

• init() if one of the formats is unrecognised #​5037
  [radarhere]

• Moved string_dimension CVE image to pillow-depends #​4993
  [radarhere]

• Support raw rgba8888 for DDS #​4760
  [qiankanglai]

v8.0.1

[Compare Source](https://redirect.github.com/python-pillow/Pillow/compare/8.0.0.