Security Advisory: Pillow security release

Posted by Tim Graham on January 2, 2015

Yesterday, Pillow 2.7.0 was released fixing potential denial of service attacks using compressed text chunks. Pillow is the library used to back Django's ImageField. If you are using ImageField, and particularly if you accept uploads from untrusted users, we encourage you to upgrade as soon as possible.

Back to Top