update python-pillow version to 8.1.2

backport-CVE-2021-27921_CVE-2021-27922_CVE-2021-27923.patch

@@ -1,60 +0,0 @@
-From 480f6819b592d7f07b9a9a52a7656c10bbe07442 Mon Sep 17 00:00:00 2001
-From: Eric Soroos <eric-github@soroos.net>
-Date: Wed, 24 Feb 2021 23:27:07 +0100
-Subject: [PATCH] Fix Memory DOS in Icns, Ico and Blp Image Plugins
-
-Some container plugins that could contain images of other formats,
-such as the ICNS format, did not properly check the reported size of
-the contained image. These images could cause arbitrariliy large
-memory allocations.
-
-This is fixed for all locations where individual *ImageFile classes
-are created without going through the usual Image.open method.
----
- 
- src/PIL/BlpImagePlugin.py                      |   1 +
- src/PIL/IcnsImagePlugin.py                     |   2 ++
- src/PIL/IcoImagePlugin.py                      |   1 +
- 3 files changed, 4 insertions(+)
- 
-diff -Nuar Pillow-8.1.1-old/src/PIL/BlpImagePlugin.py Pillow-8.1.1/src/PIL/BlpImagePlugin.py
---- Pillow-8.1.1-old/src/PIL/BlpImagePlugin.py  2021-03-13 16:44:33.159000000 +0800
-+++ Pillow-8.1.1/src/PIL/BlpImagePlugin.py      2021-03-13 16:51:52.803000000 +0800
-@@ -353,6 +353,7 @@
-         data = jpeg_header + data
-         data = BytesIO(data)
-         image = JpegImageFile(data)
-+        Image._decompression_bomb_check(image.size)
-         self.tile = image.tile  # :/
-         self.fd = image.fp
-         self.mode = image.mode
-diff -Nuar Pillow-8.1.1-old/src/PIL/IcnsImagePlugin.py Pillow-8.1.1/src/PIL/IcnsImagePlugin.py
---- Pillow-8.1.1-old/src/PIL/IcnsImagePlugin.py 2021-03-13 16:44:33.160000000 +0800
-+++ Pillow-8.1.1/src/PIL/IcnsImagePlugin.py     2021-03-13 16:54:10.925000000 +0800
-@@ -105,6 +105,7 @@
-     if sig[:8] == b"\x89PNG\x0d\x0a\x1a\x0a":
-         fobj.seek(start)
-         im = PngImagePlugin.PngImageFile(fobj)
-+        Image._decompression_bomb_check(im.size)
-         return {"RGBA": im}
-     elif (
-         sig[:4] == b"\xff\x4f\xff\x51"
-@@ -120,6 +121,7 @@
-         fobj.seek(start)
-         jp2kstream = fobj.read(length)
-         f = io.BytesIO(jp2kstream)
-+        Image._decompression_bomb_check(im.size)
-         im = Jpeg2KImagePlugin.Jpeg2KImageFile(f)
-         if im.mode != "RGBA":
-             im = im.convert("RGBA")
-diff -Nuar Pillow-8.1.1-old/src/PIL/IcoImagePlugin.py Pillow-8.1.1/src/PIL/IcoImagePlugin.py
---- Pillow-8.1.1-old/src/PIL/IcoImagePlugin.py  2021-03-13 16:44:33.160000000 +0800
-+++ Pillow-8.1.1/src/PIL/IcoImagePlugin.py      2021-03-13 16:55:31.306000000 +0800
-@@ -178,6 +178,7 @@
-         if data[:8] == PngImagePlugin._MAGIC:
-             # png frame
-             im = PngImagePlugin.PngImageFile(self.buf)
-+            Image._decompression_bomb_check(im.size)
-         else:
-             # XOR + AND mask bmp frame
-             im = BmpImagePlugin.DibImageFile(self.buf)

python-pillow.spec

@@ -4,8 +4,8 @@
 %global with_docs 0
  
 Name:           python-pillow
-Version:        8.1.1
+Version:        8.1.2
-Release:        6
+Release:        1
 Summary:        Python image processing library 
 License:        MIT
 URL:            http://python-pillow.github.io/
@@ -14,21 +14,20 @@ Source0:        https://github.com/python-pillow/Pillow/archive/%{version}/Pillo
 Patch0:         python-pillow_spinxwarn.patch
 Patch1:         python-pillow_sphinx-issues.patch
 
-Patch6000:      backport-CVE-2021-27921_CVE-2021-27922_CVE-2021-27923.patch
+Patch6000:      backport-Fix-Wformat-error-in-TiffDecode.patch
-Patch6001:      backport-Fix-Wformat-error-in-TiffDecode.patch
+Patch6001:      backport-Updated-format-specifiers.patch
-Patch6002:      backport-Updated-format-specifiers.patch
+Patch6002:      backport-CVE-2021-25287-CVE-2021-25288.patch
-Patch6003:      backport-CVE-2021-25287-CVE-2021-25288.patch
+Patch6003:      backport-CVE-2021-28675.patch
-Patch6004:      backport-CVE-2021-28675.patch
+Patch6004:      backport-CVE-2021-28676.patch
-Patch6005:      backport-CVE-2021-28676.patch
+Patch6005:      backport-CVE-2021-28677.patch
-Patch6006:      backport-CVE-2021-28677.patch
+Patch6006:      backport-CVE-2021-28678.patch
-Patch6007:      backport-CVE-2021-28678.patch
+Patch6007:      backport-Fixed-linear_gradient-and-radial_gradient-32-bit-mod.patch
-Patch6008:      backport-Fixed-linear_gradient-and-radial_gradient-32-bit-mod.patch
+Patch6008:      backport-fixes-crash-74d2.patch
-Patch6009:      backport-fixes-crash-74d2.patch
+Patch6009:      backport-fix-for-crash-8115.patch
-Patch6010:      backport-fix-for-crash-8115.patch
+Patch6010:      backport-Fix-Memory-DOS-in-ImageFont.patch
-Patch6011:      backport-Fix-Memory-DOS-in-ImageFont.patch
+Patch6011:      backport-0001-CVE-2021-34552.patch
-Patch6012:      backport-0001-CVE-2021-34552.patch
+Patch6012:      backport-0002-CVE-2021-34552.patch
-Patch6013:      backport-0002-CVE-2021-34552.patch
+Patch6013:      backport-Updated-default-value-for-SAMPLESPERPIXEL-tag.patch
-Patch6014:      backport-Updated-default-value-for-SAMPLESPERPIXEL-tag.patch
 
 BuildRequires:  freetype-devel ghostscript lcms2-devel libimagequant-devel libjpeg-devel libraqm-devel libtiff-devel
 BuildRequires:  libwebp-devel openjpeg2-devel tk-devel zlib-devel python3-cffi python3-devel python3-numpy python3-olefile
@@ -42,7 +41,7 @@ BuildRequires:  python3-sphinx-removed-in
 Requires:       ghostscript
  
 %global __provides_exclude_from ^%{python3_sitearch}/PIL/.*\\.so$
- 
+
 %description
 Pillow is the friendly PIL fork by Alex Clark and Contributors. PIL is the Python Imaging \
 Library by Fredrik Lundh and Contributors. As of 2019, Pillow development is supported by Tidelift.
@@ -160,6 +159,9 @@ popd
 %{python3_sitearch}/PIL/__pycache__/ImageQt*
 
 %changelog
+* Wed Jul 14 2021 OpenStack_SIG <openstack@openeuler.org> - 8.1.2-1
+- Update to 8.1.2
+
 * Thu Jul 15 2021 liuyumeng <liuyumeng5@huawei.com> - 8.1.1-6
 - Type:bugfix
 - CVE:CVE-2021-34552