File python-Pillow.spec of Package python-Pillow

Overview Repositories Revisions Requests Users Attributes Meta

File python-Pillow.spec of Package python-Pillow

#
# spec file for package python-Pillow
#
# Copyright (c) 2021 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via https://bugs.opensuse.org/
#

%if ! 0%{?is_opensuse} && 0%{?sle_version} && 0%{?sle_version} < 150000
%bcond_with tk
%else
%bcond_without tk
%endif

%define oldpython python
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
Name:           python-Pillow
Version:        4.2.1
Release:        0
Summary:        Python Imaging Library (Fork)
License:        HPND
Group:          Development/Languages/Python
URL:            http://python-imaging.github.io/
Source:         https://files.pythonhosted.org/packages/source/P/Pillow/Pillow-%{version}.tar.gz
Source2:        test_images_01.tar.gz
Source3:        test_images_02.tar.gz
Source4:        test_images_03.tar.gz
Source5:        test_images_04.tar.gz
# PATCH-FIX-UPSTREAM: 001-Corrected-negative-seeks.patch
# CVE-2019-16865: backport of upstream fix from v6.2.0
#   https://github.com/python-pillow/Pillow/pull/4101.patch
Patch1:         001-Corrected-negative-seeks.patch
# PATCH-FIX-UPSTREAM: 002-Added-DecompressionBombError.patch
#   Added a DecompressionBombError for if the requested size is 2*Image.MAX_PIXELS
#   Without that, decompression bomb tests were just throwing warnings, not exceptions
#   backport from v5.0.0
#   https://github.com/python-pillow/Pillow/pull/2583.patch
Patch2:         002-Added-DecompressionBombError.patch
# PATCH-FIX-UPSTREAM: 003-Added-decompression-bomb-checks.patch
# CVE-2019-16865: backport of upstream fix from v6.2.0
#   https://github.com/python-pillow/Pillow/pull/4102.patch
Patch3:         003-Added-decompression-bomb-checks.patch
# PATCH-FIX-UPSTREAM: 004-Raise-error-if-dimension-is-a-string.patch
# CVE-2019-16865: backport of upstream fix from v6.2.0
#   https://github.com/python-pillow/Pillow/pull/4103.patch
Patch4:         004-Raise-error-if-dimension-is-a-string.patch
# PATCH-FIX-UPSTREAM: 005-Catch-buffer-overruns.patch
# CVE-2019-16865: backport of upstream fix from v6.2.0
#   https://github.com/python-pillow/Pillow/pull/4104.patch
Patch5:         005-Catch-buffer-overruns.patch
# PATCH-FIX-UPSTREAM: 006-Catch-PCX-P-mode-buffer-overrun.patch
# CVE-2020-5312: backport of upstream fix from v6.2.2
#   https://github.com/python-pillow/Pillow/commit/93b22b846e0269ee9594ff71a72bec02d2bea8fd.patch
Patch6:         006-Catch-PCX-P-mode-buffer-overrun.patch
# PATCH-FIX-UPSTREAM: 007-Test-animated-FLI-file.patch
#   Test animated FLI file
#   It is used by subsequent CVE patches
#   backport from v4.3.0
#   https://github.com/python-pillow/Pillow/pull/2650.patch
Patch7:         007-Test-animated-FLI-file.patch
# PATCH-FIX-UPSTREAM: 008-Ensure-previous-FLI-frame-is-loaded.patch
# Fix for https://github.com/python-pillow/Pillow/issues/2649 which uncovers CVE-2020-5313
#   backport from v5.4.0
#   https://github.com/python-pillow/Pillow/pull/3478.patch
Patch8:         008-Ensure-previous-FLI-frame-is-loaded.patch
# PATCH-FIX-UPSTREAM: 009-Catch-FLI-buffer-overrun.patch
# CVE-2020-5313: backport of upstream fix from v6.2.2
#   https://github.com/python-pillow/Pillow/commit/a09acd0decd8a87ccce939d5ff65dab59e7d365b.patch
Patch9:         009-Catch-FLI-buffer-overrun.patch
# PATCH-FIX-UPSTREAM: 010-Invalid-number-of-bands-in-FPX-image.patch
# CVE-2019-19911: backport of upstream fix from v6.2.2
#   https://github.com/python-pillow/Pillow/commit/774e53bb132461d8d5ebefec1162e29ec0ebc63d.patch
Patch10:        010-Invalid-number-of-bands-in-FPX-image.patch
# PATCH-FIX-UPSTREAM: 011-Fix-OOB-reads-in-FLI-decoding.patch
# CVE-2020-10177: backport of upstream fix from v7.1.0
#   https://github.com/python-pillow/Pillow/pull/4503.patch
Patch11:        011-Fix-OOB-reads-in-FLI-decoding.patch
# PATCH-FIX-UPSTREAM: 012-Fix-bounds-overflow-in-JPEG-2000-decoding.patch
# CVE-2020-10994: backport of upstream fix from v7.1.0
#   https://github.com/python-pillow/Pillow/pull/4505.patch
Patch12:        012-Fix-bounds-overflow-in-JPEG-2000-decoding.patch
# PATCH-FIX-UPSTREAM: 013-Fix-bounds-overflow-in-PCX-decoding.patch
# CVE-2020-10378: backport of upstream fix from v7.1.0
#   https://github.com/python-pillow/Pillow/pull/4506.patch
Patch13:        013-Fix-bounds-overflow-in-PCX-decoding.patch
# PATCH-FIX-UPSTREAM: 014-Tests-for-tiff-crashes.patch
# Base change for later CVE test cases + on_ci() helper
#   https://github.com/python-pillow/Pillow/pull/4929.patch
Patch14:        014-Tests-for-tiff-crashes.patch
# PATCH-FIX-UPSTREAM: 015-Fix-negative-size-read-in-TiffDecode.patch
# CVE-2021-25290: backport of upstream fix from v8.1.1
#   https://github.com/python-pillow/Pillow/commit/e25be1e33dc526bfd1094bc778a54d8e29bf66c9.patch
Patch15:        015-Fix-negative-size-read-in-TiffDecode.patch
# PATCH-FIX-UPSTREAM: 016-Fix-Memory-DOS-in-BLP-ICNS-and-ICO-Image-Plugins.patch
# CVE-2021-27922,CVE-2021-27923: backport of upstream fix from v8.1.2
#   https://github.com/python-pillow/Pillow/commit/756fff33128a0b643d10518a26ad04b726dd8973.patch
Patch16:        016-Fix-Memory-DOS-in-BLP-ICNS-and-ICO-Image-Plugins.patch
# PATCH-FIX-UPSTREAM: 017-CVE-2020-35653.patch
# CVE-2020-35653: backport of upstream fix from v8.1.0
#   https://github.com/python-pillow/Pillow/pull/5174.patch
Patch17:        017-CVE-2020-35653.patch
# PATCH-FIX-UPSTREAM: 018-CVE-2021-25287+8.patch
# CVE-2021-25287,CVE-2021-25288: backport of upstream fix from v8.2.0
#   https://github.com/python-pillow/Pillow/commit/3bf5eddb89afdf690eceaa52bc4d3546ba9a5f87.patch
Patch18:        018-CVE-2021-25287+8.patch
# PATCH-FIX-UPSTREAM: 019-CVE-2021-28675.patch
# CVE-2021-28675: backport of upstream fix from v8.2.0
#   https://github.com/python-pillow/Pillow/commit/22e9bee4ef225c0edbb9323f94c26cee0c623497.patch
Patch19:        019-CVE-2021-28675.patch
# PATCH-FIX-UPSTREAM: 020-CVE-2021-28677.patch
# CVE-2021-28677: backport of upstream fix from v8.2.0
#   https://github.com/python-pillow/Pillow/commit/5a5e6db0abf4e7a638fb1b3408c4e495a096cb92.patch
Patch20:        020-CVE-2021-28677.patch
# PATCH-FIX-UPSTREAM: 021-CVE-2021-28676.patch
# CVE-2021-28676: backport of upstream fix from v8.2.0
#   https://github.com/python-pillow/Pillow/commit/bb6c11fb889e6c11b0ee122b828132ee763b5856.patch
Patch21:        021-CVE-2021-28676.patch
BuildRequires:  %{python_module devel}
BuildRequires:  %{python_module nose}
BuildRequires:  %{python_module olefile}
BuildRequires:  %{python_module setuptools}
%if %{with tk}
BuildRequires:  %{python_module tk}
%endif
BuildRequires:  fdupes
BuildRequires:  freetype2-devel
BuildRequires:  libtiff-devel
BuildRequires:  python-rpm-macros
BuildRequires:  tix
BuildRequires:  tk-devel
BuildRequires:  unzip
BuildRequires:  zlib-devel
Requires:       python-olefile
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
%if 0%{?suse_version} > 1210
BuildRequires:  libjpeg8-devel
BuildRequires:  liblcms2-devel
BuildRequires:  libwebp-devel
%else
%if 0%{?rhel} > 6
BuildRequires:  lcms2-devel
BuildRequires:  libjpeg-turbo-devel
BuildRequires:  libwebp-devel
%else
BuildRequires:  %{python_module unittest2}
%endif
%endif
%if 0%{?suse_version} > 1315
BuildRequires:  openjpeg2-devel
%endif
%ifpython2
# Pillow is a friendly PIL fork which we used to package as 'imaging'
# Without providing python-imaging, all packages requiring it will break
Obsoletes:      %{oldpython}-imaging < %{version}
Provides:       %{oldpython}-imaging = %{version}
Obsoletes:      %{oldpython}-imaging-sane < %{version}
Provides:       %{oldpython}-imaging-sane = %{version}
%endif
%ifpython3
Obsoletes:      python3-imaging < %{version}
Provides:       python3-imaging = %{version}
%endif
%python_subpackages

%description
Pillow is the "friendly" PIL fork by Alex Clark and Contributors. PIL is the
Python Imaging Library by Fredrik Lundh and Contributors.

%package tk
Summary:        Python Imaging Library (Fork) - Tcl/Tk Module
Group:          Development/Languages/Python
Requires:       %{name} = %{version}
Requires:       python-tk
%ifpython2
# NOTE: We don't need to conflict with python-imaging here,
# because this package depends on python-Pillow, which already conflicts with python-imaging,
# so this cannot be installed alongside python-imaging
# And we cannot conflict with python-imaging directly, since python-Pillow provides python-imaging
# Just in case, conflict with python-imaging-tk in case it is ever implemented.
Obsoletes:      %{oldpython}-imaging-tk < %{version}
Provides:       %{oldpython}-imaging-tk = %{version}
%endif

%description tk
Pillow is the "friendly" PIL fork by Alex Clark and Contributors. PIL is the
Python Imaging Library by Fredrik Lundh and Contributors.

#NOTE(saschpe): No 'sane' subpackage like "python-imaging", that stuff
# would belong into python-pysane, if anybody would care :-)

%prep
%setup -q -n Pillow-%{version} -a 2
%setup -q -T -D -n Pillow-%{version} -a 3
%setup -q -T -D -n Pillow-%{version} -a 4
%setup -q -T -D -n Pillow-%{version} -a 5
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch16 -p1
%patch17 -p1
%patch18 -p1
%patch19 -p1
%patch20 -p1
%patch21 -p1

%build
%python_build

%install
%python_install
for p in pilconvert pildriver pilfile pilfont pilprint  createfontdatachunk enhancer explode gifmaker painter player thresholder viewer; do
  # retain old alternative-based names
  mv %{buildroot}%{_bindir}/$p.py %{buildroot}%{_bindir}/$p
done

%fdupes %{buildroot}%{_prefix}
# add missing path
%{python_expand echo "PIL" > %{buildroot}%{$python_sitearch}/PIL.pth}

%check
%{python_expand export PYTHONPATH=%{buildroot}%{$python_sitearch}
%ifarch ppc ppc64 s390 s390x
$python selftest.py --installed || \
echo "WARNING ignore failure https://github.com/python-pillow/Pillow/issues/1204"
$python test-installed.py  || \
echo "WARNING ignore failure https://github.com/python-pillow/Pillow/issues/1204"
%else
$python selftest.py --installed
$python test-installed.py
%endif
}

%files %{python_files}
%defattr(-,root,root,-)
%doc CHANGES.rst README.rst LICENSE
%python3_only %{_bindir}/pilconvert
%python3_only %{_bindir}/pildriver
%python3_only %{_bindir}/pilfile
%python3_only %{_bindir}/pilfont
%python3_only %{_bindir}/pilprint
%python3_only %{_bindir}/createfontdatachunk
%python3_only %{_bindir}/enhancer
%python3_only %{_bindir}/explode
%python3_only %{_bindir}/gifmaker
%python3_only %{_bindir}/painter
%python3_only %{_bindir}/player
%python3_only %{_bindir}/thresholder
%python3_only %{_bindir}/viewer
%{python_sitearch}/PIL
%{python_sitearch}/PIL.pth
%{python_sitearch}/Pillow-%{version}-py%{python_version}.egg-info

%if %{with tk}
%exclude %{python_sitearch}/PIL/ImageTk*
%exclude %{python_sitearch}/PIL/_imagingtk*
%pycache_only %exclude %{python_sitearch}/PIL/__pycache__/ImageTk.*
%endif

%if %{with tk}

%files %{python_files tk}
%defattr(-,root,root,-)
%{python_sitearch}/PIL/ImageTk*
%{python_sitearch}/PIL/_imagingtk*
%pycache_only %{python_sitearch}/PIL/__pycache__/ImageTk.*

%endif

%changelog

Places

File python-Pillow.spec of Package python-Pillow

Places