Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update dependency Pillow to v9 [SECURITY] - abandoned #41

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

renovate[bot]
Copy link

@renovate renovate bot commented Apr 26, 2021

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
Pillow (source, changelog) ==7.2.0 -> ==9.0.1 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2020-35655

In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled.

CVE-2021-27922

Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICNS container, and thus an attempted memory allocation can be very large.

CVE-2020-35653

In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer calculations.

CVE-2020-35654

In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode.

CVE-2021-27921

Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for a BLP container, and thus an attempted memory allocation can be very large.

CVE-2021-27923

Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICO container, and thus an attempted memory allocation can be very large.

CVE-2021-25292

An issue was discovered in Pillow before 8.1.1. The PDF parser allows a regular expression DoS (ReDoS) attack via a crafted PDF file because of a catastrophic backtracking regex.

CVE-2021-25293

An issue was discovered in Pillow before 8.1.1. There is an out-of-bounds read in SGIRleDecode.c.

CVE-2021-25290

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size.

CVE-2021-28678

An issue was discovered in Pillow before 8.2.0. For BLP data, BlpImagePlugin did not properly check that reads (after jumping to file offsets) returned data. This could lead to a DoS where the decoder could be run a large number of times on empty data.

CVE-2021-25288

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_gray_i. This dates to Pillow 2.4.0.

CVE-2021-25287

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_graya_la.

CVE-2021-28675

An issue was discovered in Pillow before 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers relative to the size of the data block. This could lead to a DoS on Image.open prior to Image.load.

CVE-2021-28676

An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly check that the block advance was non-zero, potentially leading to an infinite loop on load.

CVE-2021-28677

An issue was discovered in Pillow before 8.2.0. For EPS data, the readline implementation used in EPSImageFile has to deal with any combination of \r and \n as line endings. It used an accidentally quadratic method of accumulating lines while looking for a line ending. A malicious EPS file could use this to perform a DoS of Pillow in the open phase, before an image was accepted for opening.

CVE-2022-22815

Pillow is the friendly PIL (Python Imaging Library) fork. path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.

CVE-2022-22816

path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.

CVE-2022-24303

If the path to the temporary directory on Linux or macOS contained a space, this would break removal of the temporary image file after im.show() (and related actions), and potentially remove an unrelated file. This been present since PIL.

GHSA-4fx9-vc88-q2xc

JpegImagePlugin may append an EOF marker to the end of a truncated file, so that the last segment of the data will still be processed by the decoder.

If the EOF marker is not detected as such however, this could lead to an infinite loop where JpegImagePlugin keeps trying to end the file.

CVE-2021-25291

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is an out-of-bounds read in TiffreadRGBATile via invalid tile boundaries.


Release Notes

python-pillow/Pillow

v9.0.1

Compare Source

v9.0.0

Compare Source

  • Restrict builtins for ImageMath.eval(). CVE-2022-22817 #​5923
    [radarhere]

  • Ensure JpegImagePlugin stops at the end of a truncated file #​5921
    [radarhere]

  • Fixed ImagePath.Path array handling. CVE-2022-22815, CVE-2022-22816 #​5920
    [radarhere]

  • Remove consecutive duplicate tiles that only differ by their offset #​5919
    [radarhere]

  • Improved I;16 operations on big endian #​5901
    [radarhere]

  • Limit quantized palette to number of colors #​5879
    [radarhere]

  • Fixed palette index for zeroed color in FASTOCTREE quantize #​5869
    [radarhere]

  • When saving RGBA to GIF, make use of first transparent palette entry #​5859
    [radarhere]

  • Pass SAMPLEFORMAT to libtiff #​5848
    [radarhere]

  • Added rounding when converting P and PA #​5824
    [radarhere]

  • Improved putdata() documentation and data handling #​5910
    [radarhere]

  • Exclude carriage return in PDF regex to help prevent ReDoS #​5912
    [hugovk]

  • Fixed freeing pointer in ImageDraw.Outline.transform #​5909
    [radarhere]

  • Added ImageShow support for xdg-open #​5897
    [m-shinder, radarhere]

  • Support 16-bit grayscale ImageQt conversion #​5856
    [cmbruns, radarhere]

  • Convert subsequent GIF frames to RGB or RGBA #​5857
    [radarhere]

  • Do not prematurely return in ImageFile when saving to stdout #​5665
    [infmagic2047, radarhere]

  • Added support for top right and bottom right TGA orientations #​5829
    [radarhere]

  • Corrected ICNS file length in header #​5845
    [radarhere]

  • Block tile TIFF tags when saving #​5839
    [radarhere]

  • Added line width argument to polygon #​5694
    [radarhere]

  • Do not redeclare class each time when converting to NumPy #​5844
    [radarhere]

  • Only prevent repeated polygon pixels when drawing with transparency #​5835
    [radarhere]

  • Add support for pickling TrueType fonts #​5826
    [hugovk, radarhere]

  • Only prefer command line tools SDK on macOS over default MacOSX SDK #​5828
    [radarhere]

  • Drop support for soon-EOL Python 3.6 #​5768
    [hugovk, nulano, radarhere]

  • Fix compilation on 64-bit Termux #​5793
    [landfillbaby]

  • Use title for display in ImageShow #​5788
    [radarhere]

  • Remove support for FreeType 2.7 and older #​5777
    [hugovk, radarhere]

  • Fix for PyQt6 #​5775
    [hugovk, radarhere]

  • Removed deprecated PILLOW_VERSION, Image.show command parameter, Image._showxv and ImageFile.raise_ioerror #​5776
    [radarhere]

v8.4.0

Compare Source

  • Prefer global transparency in GIF when replacing with background color #​5756
    [radarhere]

  • Added "exif" keyword argument to TIFF saving #​5575
    [radarhere]

  • Copy Python palette to new image in quantize() #​5696
    [radarhere]

  • Read ICO AND mask from end #​5667
    [radarhere]

  • Actually check the framesize in FliDecode.c #​5659
    [wiredfool]

  • Determine JPEG2000 mode purely from ihdr header box #​5654
    [radarhere]

  • Fixed using info dictionary when writing multiple APNG frames #​5611
    [radarhere]

  • Allow saving 1 and L mode TIFF with PhotometricInterpretation 0 #​5655
    [radarhere]

  • For GIF save_all with palette, do not include palette with each frame #​5603
    [radarhere]

  • Keep transparency when converting from P to LA or PA #​5606
    [radarhere]

  • Copy palette to new image in transform() #​5647
    [radarhere]

  • Added "transparency" argument to EpsImagePlugin load() #​5620
    [radarhere]

  • Corrected pathlib.Path detection when saving #​5633
    [radarhere]

  • Added WalImageFile class #​5618
    [radarhere]

  • Consider I;16 pixel size when drawing text #​5598
    [radarhere]

  • If default conversion from P is RGB with transparency, convert to RGBA #​5594
    [radarhere]

  • Speed up rotating square images by 90 or 270 degrees #​5646
    [radarhere]

  • Add support for reading DPI information from JPEG2000 images
    [rogermb, radarhere]

  • Catch TypeError from corrupted DPI value in EXIF #​5639
    [homm, radarhere]

  • Do not close file pointer when saving SGI images #​5645
    [farizrahman4u, radarhere]

  • Deprecate ImagePalette size parameter #​5641
    [radarhere, hugovk]

  • Prefer command line tools SDK on macOS #​5624
    [radarhere]

  • Added tags when saving YCbCr TIFF #​5597
    [radarhere]

  • PSD layer count may be negative #​5613
    [radarhere]

  • Fixed ImageOps expand with tuple border on P image #​5615
    [radarhere]

  • Fixed error saving APNG with duplicate frames and different duration times #​5609
    [thak1411, radarhere]

v8.3.2

Compare Source

  • CVE-2021-23437 Raise ValueError if color specifier is too long
    [hugovk, radarhere]

  • Fix 6-byte OOB read in FliDecode
    [wiredfool]

  • Add support for Python 3.10 #​5569, #​5570
    [hugovk, radarhere]

  • Ensure TIFF RowsPerStrip is multiple of 8 for JPEG compression #​5588
    [kmilos, radarhere]

  • Updates for ImagePalette channel order #​5599
    [radarhere]

  • Hide FriBiDi shim symbols to avoid conflict with real FriBiDi library #​5651
    [nulano]

v8.3.1

Compare Source

  • Catch OSError when checking if fp is sys.stdout #​5585
    [radarhere]

  • Handle removing orientation from alternate types of EXIF data #​5584
    [radarhere]

  • Make Image.array take optional dtype argument #​5572
    [t-vi, radarhere]

v8.3.0

Compare Source

  • Use snprintf instead of sprintf. CVE-2021-34552 #​5567
    [radarhere]

  • Limit TIFF strip size when saving with LibTIFF #​5514
    [kmilos]

  • Allow ICNS save on all operating systems #​4526
    [baletu, radarhere, newpanjing, hugovk]

  • De-zigzag JPEG's DQT when loading; deprecate convert_dict_qtables #​4989
    [gofr, radarhere]

  • Replaced xml.etree.ElementTree #​5565
    [radarhere]

  • Moved CVE image to pillow-depends #​5561
    [radarhere]

  • Added tag data for IFD groups #​5554
    [radarhere]

  • Improved ImagePalette #​5552
    [radarhere]

  • Add DDS saving #​5402
    [radarhere]

  • Improved getxmp() #​5455
    [radarhere]

  • Convert to float for comparison with float in IFDRational eq #​5412
    [radarhere]

  • Allow getexif() to access TIFF tag_v2 data #​5416
    [radarhere]

  • Read FITS image mode and size #​5405
    [radarhere]

  • Merge parallel horizontal edges in ImagingDrawPolygon #​5347
    [radarhere, hrdrq]

  • Use transparency behind first GIF frame and when disposing to background #​5557
    [radarhere, zewt]

  • Avoid unstable nature of qsort in Quant.c #​5367
    [radarhere]

  • Copy palette to new images in ImageOps expand #​5551
    [radarhere]

  • Ensure palette string matches RGB mode #​5549
    [radarhere]

  • Do not modify EXIF of original image instance in exif_transpose() #​5547
    [radarhere]

  • Fixed default numresolution for small JPEG2000 images #​5540
    [radarhere]

  • Added DDS BC5 reading #​5501
    [radarhere]

  • Raise an error if ImageDraw.textbbox is used without a TrueType font #​5510
    [radarhere]

  • Added ICO saving in BMP format #​5513
    [radarhere]

  • Ensure PNG seeks to end of previous chunk at start of load_end #​5493
    [radarhere]

  • Do not allow TIFF to seek to a past frame #​5473
    [radarhere]

  • Avoid race condition when displaying images with eog #​5507
    [mconst]

  • Added specific error messages when ink has incorrect number of bands #​5504
    [radarhere]

  • Allow converting an image to a numpy array to raise errors #​5379
    [radarhere]

  • Removed DPI rounding from BMP, JPEG, PNG and WMF loading #​5476, #​5470
    [radarhere]

  • Remove spikes when drawing thin pieslices #​5460
    [xtsm]

  • Updated default value for SAMPLESPERPIXEL TIFF tag #​5452
    [radarhere]

  • Removed TIFF DPI rounding #​5446
    [radarhere, hugovk]

  • Include code in WebP error #​5471
    [radarhere]

  • Do not alter pixels outside mask when drawing text on an image with transparency #​5434
    [radarhere]

  • Reset handle when seeking backwards in TIFF #​5443
    [radarhere]

  • Replace sys.stdout with sys.stdout.buffer when saving #​5437
    [radarhere]

  • Fixed UNDEFINED TIFF tag of length 0 being changed in roundtrip #​5426
    [radarhere]

  • Fixed bug when checking FreeType2 version if it is not installed #​5445
    [radarhere]

  • Do not round dimensions when saving PDF #​5459
    [radarhere]

  • Added ImageOps contain() #​5417
    [radarhere, hugovk]

  • Changed WebP default "method" value to 4 #​5450
    [radarhere]

  • Switched to saving 1-bit PDFs with DCTDecode #​5430
    [radarhere]

  • Use bpp from ICO header #​5429
    [radarhere]

  • Corrected JPEG APP14 transform value #​5408
    [radarhere]

  • Changed TIFF tag 33723 length to 1 #​5425
    [radarhere]

  • Changed ImageMorph incorrect mode errors to ValueError #​5414
    [radarhere]

  • Add EXIF tags specified in EXIF 2.32 #​5419
    [gladiusglad]

  • Treat previous contents of first GIF frame as transparent #​5391
    [radarhere]

  • For special image modes, revert default resize resampling to NEAREST #​5411
    [radarhere]

  • JPEG2000: Support decoding subsampled RGB and YCbCr images #​4996
    [nulano, radarhere]

  • Stop decoding BC1 punchthrough alpha in BC2&3 #​4144
    [jansol]

  • Use zero if GIF background color index is missing #​5390
    [radarhere]

  • Fixed ensuring that GIF previous frame was loaded #​5386
    [radarhere]

  • Valgrind fixes #​5397
    [wiredfool]

  • Round down the radius in rounded_rectangle #​5382
    [radarhere]

  • Fixed reading uncompressed RGB data from DDS #​5383
    [radarhere]

v8.2.0

Compare Source

  • Added getxmp() method #​5144
    [UrielMaD, radarhere]

  • Add ImageShow support for GraphicsMagick #​5349
    [latosha-maltba, radarhere]

  • Do not load transparent pixels from subsequent GIF frames #​5333
    [zewt, radarhere]

  • Use LZW encoding when saving GIF images #​5291
    [raygard]

  • Set all transparent colors to be equal in quantize() #​5282
    [radarhere]

  • Allow PixelAccess to use Python int when parsing x and y #​5206
    [radarhere]

  • Removed Image._MODEINFO #​5316
    [radarhere]

  • Add preserve_tone option to autocontrast #​5350
    [elejke, radarhere]

  • Fixed linear_gradient and radial_gradient I and F modes #​5274
    [radarhere]

  • Add support for reading TIFFs with PlanarConfiguration=2 #​5364
    [kkopachev, wiredfool, nulano]

  • Deprecated categories #​5351
    [radarhere]

  • Do not premultiply alpha when resizing with Image.NEAREST resampling #​5304
    [nulano]

  • Dynamically link FriBiDi instead of Raqm #​5062
    [nulano]

  • Allow fewer PNG palette entries than the bit depth maximum when saving #​5330
    [radarhere]

  • Use duration from info dictionary when saving WebP #​5338
    [radarhere]

  • Stop flattening EXIF IFD into getexif() #​4947
    [radarhere, kkopachev]

  • Replaced tiff_deflate with tiff_adobe_deflate compression when saving TIFF images #​5343
    [radarhere]

  • Save ICC profile from TIFF encoderinfo #​5321
    [radarhere]

  • Moved RGB fix inside ImageQt class #​5268
    [radarhere]

  • Allow alpha_composite destination to be negative #​5313
    [radarhere]

  • Ensure file is closed if it is opened by ImageQt.ImageQt #​5260
    [radarhere]

  • Added ImageDraw rounded_rectangle method #​5208
    [radarhere]

  • Added IPythonViewer #​5289
    [radarhere, Kipkurui-mutai]

  • Only draw each rectangle outline pixel once #​5183
    [radarhere]

  • Use mmap instead of built-in Win32 mapper #​5224
    [radarhere, cgohlke]

  • Handle PCX images with an odd stride #​5214
    [radarhere]

  • Only read different sizes for "Large Thumbnail" MPO frames #​5168
    [radarhere]

  • Added PyQt6 support #​5258
    [radarhere]

  • Changed Image.open formats parameter to be case-insensitive #​5250
    [Piolie, radarhere]

  • Deprecate Tk/Tcl 8.4, to be removed in Pillow 10 (2023-07-01) #​5216
    [radarhere]

  • Added tk version to pilinfo #​5226
    [radarhere, nulano]

  • Support for ignoring tests when running valgrind #​5150
    [wiredfool, radarhere, hugovk]

  • OSS-Fuzz support #​5189
    [wiredfool, radarhere]

v8.1.2

Compare Source

v8.1.1

Compare Source

  • Use more specific regex chars to prevent ReDoS. CVE-2021-25292
    [hugovk]

  • Fix OOB Read in TiffDecode.c, and check the tile validity before reading. CVE-2021-25291
    [wiredfool]

  • Fix negative size read in TiffDecode.c. CVE-2021-25290
    [wiredfool]

  • Fix OOB read in SgiRleDecode.c. CVE-2021-25293
    [wiredfool]

  • Incorrect error code checking in TiffDecode.c. CVE-2021-25289
    [wiredfool]

  • PyModule_AddObject fix for Python 3.10 #​5194
    [radarhere]

v8.1.0

Compare Source

  • Fix TIFF OOB Write error. CVE-2020-35654 #​5175
    [wiredfool]

  • Fix for Read Overflow in PCX Decoding. CVE-2020-35653 #​5174
    [wiredfool, radarhere]

  • Fix for SGI Decode buffer overrun. CVE-2020-35655 #​5173
    [wiredfool, radarhere]

  • Fix OOB Read when saving GIF of xsize=1 #​5149
    [wiredfool]

  • Makefile updates #​5159
    [wiredfool, radarhere]

  • Add support for PySide6 #​5161
    [hugovk]

  • Use disposal settings from previous frame in APNG #​5126
    [radarhere]

  • Added exception explaining that repr_png saves to PNG #​5139
    [radarhere]

  • Use previous disposal method in GIF load_end #​5125
    [radarhere]

  • Allow putpalette to accept 1024 integers to include alpha values #​5089
    [radarhere]

  • Fix OOB Read when writing TIFF with custom Metadata #​5148
    [wiredfool]

  • Added append_images support for ICO #​4568
    [ziplantil, radarhere]

  • Block TIFFTAG_SUBIFD #​5120
    [radarhere]

  • Fixed dereferencing potential null pointers #​5108, #​5111
    [cgohlke, radarhere]

  • Deprecate FreeType 2.7 #​5098
    [hugovk, radarhere]

  • Moved warning to end of execution #​4965
    [radarhere]

  • Removed unused fromstring and tostring C methods #​5026
    [radarhere]

  • init() if one of the formats is unrecognised #​5037
    [radarhere]

  • Moved string_dimension CVE image to pillow-depends #​4993
    [radarhere]

  • Support raw rgba8888 for DDS #​4760
    [qiankanglai]

v8.0.1

Compare Source

  • Update FreeType used in binary wheels to 2.10.4 to fix CVE-2020-15999.
    [radarhere]

  • Moved string_dimension image to pillow-depends #​4993
    [radarhere]

v8.0.0

Compare Source

  • Drop support for EOL Python 3.5 #​4746, #​4794
    [hugovk, radarhere, nulano]

  • Drop support for PyPy3 < 7.2.0 #​4964
    [nulano]

  • Remove ImageCms.CmsProfile attributes deprecated since 3.2.0 #​4768
    [hugovk, radarhere]

  • Remove long-deprecated Image.py functions #​4798
    [hugovk, nulano, radarhere]

  • Add support for 16-bit precision JPEG quantization values #​4918
    [gofr]

  • Added reading of IFD tag type #​4979
    [radarhere]

  • Initialize offset memory for PyImagingPhotoPut #​4806
    [nqbit]

  • Fix TiffDecode comparison warnings #​4756
    [nulano]

  • Docs: Add dark mode #​4968
    [hugovk, nulano]

  • Added macOS SDK install path to library and include directories #​4974
    [radarhere, fxcoudert]

  • Imaging.h: prevent confusion with system #​4923
    [ax3l, ,radarhere]

  • Avoid using pkg_resources in PIL.features.pilinfo #​4975
    [nulano]

  • Add getlength and getbbox functions for TrueType fonts #​4959
    [nulano, radarhere, hugovk]

  • Allow tuples with one item to give single color value in getink #​4927
    [radarhere, nulano]

  • Add support for CBDT and COLR fonts #​4955
    [nulano, hugovk]

  • Removed OSError in favour of DecompressionBombError for BMP #​4966
    [radarhere]

  • Implemented another ellipse drawing algorithm #​4523
    [xtsm, radarhere]

  • Removed unused JpegImagePlugin._fixup_dict function #​4957
    [radarhere]

  • Added reading and writing of private PNG chunks #​4292
    [radarhere]

  • Implement anchor for TrueType fonts #​4930
    [nulano, hugovk]

  • Fixed bug in Exif delitem #​4942
    [radarhere]

  • Fix crash in ImageTk.PhotoImage on MinGW 64-bit #​4946
    [nulano]

  • Moved CVE images to pillow-depends #​4929
    [radarhere]

  • Refactor font_getsize and font_render #​4910
    [nulano]

  • Fixed loading profile with non-ASCII path on Windows #​4914
    [radarhere]

  • Fixed effect_spread bug for zero distance #​4908
    [radarhere, hugovk]

  • Added formats parameter to Image.open #​4837
    [nulano, radarhere]

  • Added regular_polygon draw method #​4846
    [comhar]

  • Raise proper TypeError in putpixel #​4882
    [nulano, hugovk]

  • Added writing of subIFDs #​4862
    [radarhere]

  • Fix IFDRational eq bug #​4888
    [luphord, radarhere]

  • Fixed duplicate variable name #​4885
    [liZe, radarhere]

  • Added homebrew zlib include directory #​4842
    [radarhere]

  • Corrected inverted PDF CMYK colors #​4866
    [radarhere]

  • Do not try to close file pointer if file pointer is empty #​4823
    [radarhere]

  • ImageOps.autocontrast: add mask parameter #​4843
    [navneeth, hugovk]

  • Read EXIF data tEXt chunk into info as bytes instead of string #​4828
    [radarhere]

  • Replaced distutils with setuptools #​4797, #​4809, #​4814, #​4817, #​4829, #​4890
    [hugovk, radarhere]

  • Add MIME type to PsdImagePlugin #​4788
    [samamorgan]

  • Allow ImageOps.autocontrast to specify low and high cutoffs separately #​4749
    [millionhz, radarhere]


Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot force-pushed the renovate/pypi-Pillow-vulnerability branch from a8899c4 to df9303a Compare June 14, 2021 21:04
@renovate renovate bot force-pushed the renovate/pypi-Pillow-vulnerability branch from df9303a to 1cb83a3 Compare March 7, 2022 13:40
@renovate renovate bot changed the title Update dependency Pillow to v8 [SECURITY] Update dependency Pillow to v9 [SECURITY] Mar 7, 2022
@renovate renovate bot force-pushed the renovate/pypi-Pillow-vulnerability branch from 1cb83a3 to fa296d6 Compare March 26, 2022 13:31
@renovate
Copy link
Author

renovate bot commented Mar 23, 2023

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

@renovate renovate bot changed the title Update dependency Pillow to v9 [SECURITY] Update dependency Pillow to v9 [SECURITY] - abandoned Aug 6, 2024
Copy link
Author

renovate bot commented Aug 6, 2024

Autoclosing Skipped

This PR has been flagged for autoclosing. However, it is being skipped due to the branch being already modified. Please close/delete it manually or report a bug if you think this is in error.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant