chore(deps): update dependency pillow to v10.2.0 [security]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
Pillow (changelog)	`==10.1.0` -> `==10.2.0`

GitHub Vulnerability Alerts

CVE-2023-50447

Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter).

Release Notes

python-pillow/Pillow (Pillow)

### [`v10.2.0`](https://togithub.com/python-pillow/Pillow/blob/HEAD/CHANGES.rst#1020-2024-01-02) [Compare Source](https://togithub.com/python-pillow/Pillow/compare/10.1.0...10.2.0) - Add `keep_rgb` option when saving JPEG to prevent conversion of RGB colorspace [#7553](https://togithub.com/python-pillow/Pillow/issues/7553) \[bgilbert, radarhere] - Trim glyph size in ImageFont.getmask() [#7669](https://togithub.com/python-pillow/Pillow/issues/7669), [#7672](https://togithub.com/python-pillow/Pillow/issues/7672) \[radarhere, nulano] - Deprecate IptcImagePlugin helpers [#7664](https://togithub.com/python-pillow/Pillow/issues/7664) \[nulano, hugovk, radarhere] - Allow uncompressed TIFF images to be saved in chunks [#7650](https://togithub.com/python-pillow/Pillow/issues/7650) \[radarhere] - Concatenate multiple JPEG EXIF markers [#7496](https://togithub.com/python-pillow/Pillow/issues/7496) \[radarhere] - Changed IPTC tile tuple to match other plugins [#7661](https://togithub.com/python-pillow/Pillow/issues/7661) \[radarhere] - Do not assign new fp attribute when exiting context manager [#7566](https://togithub.com/python-pillow/Pillow/issues/7566) \[radarhere] - Support arbitrary masks for uncompressed RGB DDS images [#7589](https://togithub.com/python-pillow/Pillow/issues/7589) \[radarhere, akx] - Support setting ROWSPERSTRIP tag [#7654](https://togithub.com/python-pillow/Pillow/issues/7654) \[radarhere] - Apply ImageFont.MAX_STRING_LENGTH to ImageFont.getmask() [#7662](https://togithub.com/python-pillow/Pillow/issues/7662) \[radarhere] - Optimise `ImageColor` using `functools.lru_cache` [#7657](https://togithub.com/python-pillow/Pillow/issues/7657) \[hugovk] - Restricted environment keys for ImageMath.eval() [#7655](https://togithub.com/python-pillow/Pillow/issues/7655) \[wiredfool, radarhere] - Optimise `ImageMode.getmode` using `functools.lru_cache` [#7641](https://togithub.com/python-pillow/Pillow/issues/7641) \[hugovk, radarhere] - Fix incorrect color blending for overlapping glyphs [#7497](https://togithub.com/python-pillow/Pillow/issues/7497) \[ZachNagengast, nulano, radarhere] - Attempt memory mapping when tile args is a string [#7565](https://togithub.com/python-pillow/Pillow/issues/7565) \[radarhere] - Fill identical pixels with transparency in subsequent frames when saving GIF [#7568](https://togithub.com/python-pillow/Pillow/issues/7568) \[radarhere] - Corrected duration when combining multiple GIF frames into single frame [#7521](https://togithub.com/python-pillow/Pillow/issues/7521) \[radarhere] - Handle disposing GIF background from outside palette [#7515](https://togithub.com/python-pillow/Pillow/issues/7515) \[radarhere] - Seek past the data when skipping a PSD layer [#7483](https://togithub.com/python-pillow/Pillow/issues/7483) \[radarhere] - Import plugins relative to the module [#7576](https://togithub.com/python-pillow/Pillow/issues/7576) \[deliangyang, jaxx0n] - Translate encoder error codes to strings; deprecate `ImageFile.raise_oserror()` [#7609](https://togithub.com/python-pillow/Pillow/issues/7609) \[bgilbert, radarhere] - Support reading BC4U and DX10 BC1 images [#6486](https://togithub.com/python-pillow/Pillow/issues/6486) \[REDxEYE, radarhere, hugovk] - Optimize ImageStat.Stat.extrema [#7593](https://togithub.com/python-pillow/Pillow/issues/7593) \[florath, radarhere] - Handle pathlib.Path in FreeTypeFont [#7578](https://togithub.com/python-pillow/Pillow/issues/7578) \[radarhere, hugovk, nulano] - Added support for reading DX10 BC4 DDS images [#7603](https://togithub.com/python-pillow/Pillow/issues/7603) \[sambvfx, radarhere] - Optimized ImageStat.Stat.count [#7599](https://togithub.com/python-pillow/Pillow/issues/7599) \[florath] - Correct PDF palette size when saving [#7555](https://togithub.com/python-pillow/Pillow/issues/7555) \[radarhere] - Fixed closing file pointer with olefile 0.47 [#7594](https://togithub.com/python-pillow/Pillow/issues/7594) \[radarhere] - Raise ValueError when TrueType font size is not greater than zero [#7584](https://togithub.com/python-pillow/Pillow/issues/7584), [#7587](https://togithub.com/python-pillow/Pillow/issues/7587) \[akx, radarhere] - If absent, do not try to close fp when closing image [#7557](https://togithub.com/python-pillow/Pillow/issues/7557) \[RaphaelVRossi, radarhere] - Allow configuring JPEG restart marker interval on save [#7488](https://togithub.com/python-pillow/Pillow/issues/7488) \[bgilbert, radarhere] - Decrement reference count for PyObject [#7549](https://togithub.com/python-pillow/Pillow/issues/7549) \[radarhere] - Implement `streamtype=1` option for tables-only JPEG encoding [#7491](https://togithub.com/python-pillow/Pillow/issues/7491) \[bgilbert, radarhere] - If save_all PNG only has one frame, do not create animated image [#7522](https://togithub.com/python-pillow/Pillow/issues/7522) \[radarhere] - Fixed frombytes() for images with a zero dimension [#7493](https://togithub.com/python-pillow/Pillow/issues/7493) \[radarhere]

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

[ ] If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

cetteup / BF2AutoSpectator