wagtail / wagtail.org

Wagtail’s official marketing website

Home Page:https://wagtail.org/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Security issue with Pillow as reported by snyk.io

JPedersen opened this issue · comments

It seems there is a critical issue in Pillow 8.4 that is fixed in Pillow 9:
https://security.snyk.io/vuln/SNYK-PYTHON-PILLOW-2331901

Wagtail seems to be pinned to 8.4:
https://github.com/wagtail/wagtail.io/blob/main/requirements.txt#L6

I realise now I filed this in the wrong project, I can see that this was released with wagtail/wagtail#7817 being fixed. Thanks a lot everyone!