.github/INCIDENT_RESPONSE.md
Outdated
|
|
||
| 1. **Yank the release immediately** via the PyPI web interface or: | ||
| ```bash | ||
| gh api -X POST /pypi/pillow/<version>/yank |
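Review bot: the fallback command in step 1 will not yank anything on PyPI: `gh api` sends its request to the GitHub REST API (api.github.com), and there is no `/pypi/pillow/<version>/yank` route there for it to hit, so a responder following this step gets an error (or, worse, assumes the release is yanked when it is not). Keep the PyPI web interface instruction and drop the command. It is also worth one sentence saying that yanking leaves the files on PyPI and only makes installers resolving an unpinned range skip the release; users pinned to the exact version still receive it, so a follow-up release is still required.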
At the risk of making this document larger, add in sections in Bootstrap IRP but not ours. - https://github.com/twbs/bootstrap/blob/main/.github/INCIDENT_RESPONSE.md
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
.github/INCIDENT_RESPONSE.md
Outdated
|
|
||
| | Severity | CVSS | Definition | Target Response SLA | | ||
| |---|---|---|---| | ||
| | **Critical** | 9.0 – 10.0 | Remote code execution, arbitrary write, or complete integrity/confidentiality loss achievable by opening a crafted image | 48 hours to patch; embargoed release where possible | |
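Review bot: the column header reads "Target Response SLA" but the Critical cell commits to remediation ("48 hours to patch"), which mixes acknowledgement time with fix time. Either split the column into initial response and target fix/release, or reword the cell so the 48-hour figure applies to the initial response only; an embargoed release coordinated with distributions will not fit inside 48 hours, and a published patch deadline that is missed will be cited back at the project.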
48 hours to patch is faster than we've ever done anything publicly that has been severe.
Unless we're dealing with an active compromise, I think that we're better off being somewhat more careful and definitely not promising 48 hours as an SLA. We might target that for an initial response.
…ignment step Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
.github/INCIDENT_RESPONSE.md
Outdated
|
|
||
| Security fixes are applied to the **latest stable release only**. Users on older versions | ||
| are expected to upgrade. This is consistent with Pillow's quarterly release cadence and | ||
| is not currently documented elsewhere — reporters should assume only the latest release |
'is not currently documented elsewhere'
https://pillow.readthedocs.io/en/stable/releasenotes/index.html
Please use the latest version of Pillow. Functionality and security fixes should not be expected to be backported to earlier versions.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
| |---|---|---| | ||
| | `pybind11` | Build-time only | C++ ↔ Python bindings | | ||
| | `olefile` | Optional (`fpx`, `mic` extras) | OLE2 container parsing (FPX, MIC formats) | | ||
| | `defusedxml` | Optional (`xmp` extra) | Safe XML parsing for XMP metadata | |
This list is missing setuptools
We have more lists of optional deps in pyproject.toml. Do they need repeating here?
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
.github/INCIDENT_RESPONSE.md
Outdated
| | [Plone](https://plone.org/) | CMS image handling | | ||
| | [Jupyter / IPython](https://jupyter.org/) | Inline image display | | ||
| | [ReportLab](https://www.reportlab.com/) | PDF image embedding | | ||
| | [Wand](https://docs.wand-py.org/) | Sometimes used alongside Pillow | |
The only mention of Pillow in Wand is https://github.com/emcconville/wand/blob/master/docs/roadmap.rst
PIL has a very long history and most Python projects still depend on it. We will work on a PIL compatibility layer using Wand.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
.github/INCIDENT_RESPONSE.md
Outdated
| Numbering Authority — no separate MITRE form required). The CVE is reserved privately | ||
| and published automatically when the advisory goes public. | ||
| 6. **Escalation** — Escalate beyond the core maintainer team if any of the following apply: | ||
| - The vulnerability is being actively exploited in the wild → notify [GitHub Security](mailto:security@github.com) and the [Python Security Response Team](https://www.python.org/news/security/) |
| - The vulnerability is being actively exploited in the wild → notify [GitHub Security](mailto:security@github.com) and the [Python Security Response Team](https://www.python.org/news/security/) | |
| - The vulnerability is being actively exploited in the wild → notify [GitHub Security](mailto:security@github.com) and the [Python Security Response Team](https://devguide.python.org/developer-workflow/psrt/) |
https://www.python.org/news/security/ redirects to https://www.python.org/blogs/
Although https://devguide.python.org/developer-workflow/psrt/ is mainly instructions for the PSRT (I'm a member).
https://www.python.org/dev/security/ is the one for reporters.
But it says the PSRT only accepts CPython and pip reports.
We should not report Pillow security issues there.
And I doubt GitHub security wants to know either.
https://github.com/github/docs/security only asks for reports for GitHub-owned repositories.
Let's delete this whole bullet point.
Co-authored-by: Andrew Murray <3112309+radarhere@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
.github/INCIDENT_RESPONSE.md
Outdated
|
|
||
| ## 5. Severity Classification | ||
|
|
||
| Use the [CVSS v3.1](https://www.first.org/cvss/v3.1/specification-document) base score as |
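Review bot: this line pins the severity scheme to CVSS v3.1 while CVSS v4.0 is the current specification; either cite v4.0 or state explicitly that v3.1 base scores are kept for comparability with existing advisories. In either case, say whether the base score alone decides the band or whether the "reachable by opening a crafted image" condition used in the Critical definition adjusts it, since two people scoring the same decoder bug will otherwise land in different bands.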
.github/INCIDENT_RESPONSE.md
Outdated
|
|
||
| 1. **GitHub private security advisory** — preferred channel; see [SECURITY.md](SECURITY.md) | ||
| 2. **Tidelift security contact** — <https://tidelift.com/security> | ||
| 3. **Direct maintainer contact** — DM on Mastodon or email |
Maybe remove this? I'd prefer to get them via GHSA or Tidelift than potentially being missed in my inbox.
.github/INCIDENT_RESPONSE.md
Outdated
| 4. **External researcher / coordinated disclosure** — e.g. Google Project Zero, vendor PSIRT | ||
| 5. **Automated scanning** — Dependabot, GitHub code-scanning (CodeQL), CI fuzzing | ||
| 6. **Distro security teams** — Debian, Red Hat, Ubuntu, Alpine may report upstream | ||
| 7. **User bug report** — public issue (reassess if it has security implications before it stays public) |
"before it stays public" -- there's not much we can do once it's been reported publicly. Issues can be deleted, but I don't know if that helps.
.github/INCIDENT_RESPONSE.md
Outdated
| 1. Merge the fix to `main`, then cherry-pick to all affected release branches | ||
| (see [RELEASING.md — Point release](../RELEASING.md)). | ||
| 2. Amend commit messages to include the CVE identifier. | ||
| 3. Tag and push; the GitHub Actions "Wheels" workflow will build and upload to PyPI. |
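Review bot: step 1 ("cherry-pick to all affected release branches") contradicts the policy stated earlier in this document that security fixes are applied to the latest stable release only; pick one and make the other section match. Step 3 also makes the tag push the moment the fix becomes public on PyPI, so the advisory and CVE publication should be sequenced against it explicitly (for example "publish the GitHub Security Advisory once the Wheels workflow has uploaded"), otherwise fixed wheels can appear before the advisory or the advisory before any fixed wheels exist.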
This is just part of the release process. Should we update RELEASING.md instead of adding different instructions here?
.github/INCIDENT_RESPONSE.md
Outdated
| 3. If a PyPI release is suspected to be tampered: yank it immediately via | ||
| [https://pypi.org/manage/project/pillow/](https://pypi.org/manage/project/pillow/); | ||
| file a report with the [PyPI security team](mailto:security@pypi.org). | ||
| 4. Notify GitHub Security if repository access or Actions secrets are involved. |
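Review bot: a tampered PyPI release almost always means the publishing path was compromised, yet none of these steps revokes it: add a step, before or alongside the yank in step 3, to rotate the PyPI API token (or disable the trusted-publisher binding, if trusted publishing is used) and to review the Actions run that produced the artifacts. Step 4 mentions Actions secrets being involved but never says to rotate them. A step to compare the uploaded sdist and wheel hashes against a local rebuild would also let the responder confirm whether tampering actually occurred before yanking.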
.github/INCIDENT_RESPONSE.md
Outdated
| When a CVE is published for a bundled C library: | ||
|
|
||
| 1. Assess whether the vulnerable code path is reachable through Pillow's API. | ||
| 2. If reachable, treat as a Pillow vulnerability and follow Section 5. |
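Review bot: step 2 sends the reader to Section 5, which this document labels Severity Classification, so it covers how to rate the issue but not how to fix and release it; point to the handling and release section as well. Step 1's reachability check should also say which build is being assessed: the library bundled in the wheels can be at a different version from the system library a source build links against, so "reachable through Pillow's API" may be true for one and not the other, and the advisory needs to name the affected wheel versions specifically.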
.github/INCIDENT_RESPONSE.md
Outdated
| ## 9. Dependency Map | ||
|
|
||
| Understanding what Pillow depends on (upstream) and what depends on Pillow (downstream) | ||
| is essential for scoping impact and coordinating notifications during an incident. | ||
|
|
||
| ### 10.1 Upstream Dependencies |
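Review bot: the subsection heading "10.1 Upstream Dependencies" sits directly under "## 9. Dependency Map"; renumber the subsections as 9.1, 9.2, 9.3 and update any cross-references that name them, otherwise pointers elsewhere in the document become ambiguous.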
.github/INCIDENT_RESPONSE.md
Outdated
| or the formats they decode. See the | ||
| [full plugin list](https://pillow.readthedocs.io/en/stable/handbook/third-party-plugins.html). | ||
|
|
||
| ### 10.3 Responding to an Upstream Vulnerability |
The order is off:
10.1 Upstream Dependencies
10.2 Downstream Dependencies
10.3 Responding to an Upstream Vulnerability
Move 10.3 after 10.1.
.github/INCIDENT_RESPONSE.md
Outdated
| |---|---|---| | ||
| | [libjpeg-turbo](https://libjpeg-turbo.org/) | JPEG encode/decode | [GitHub](https://github.com/libjpeg-turbo/libjpeg-turbo/security) | | ||
| | [libpng](http://www.libpng.org/pub/png/libpng.html) | PNG encode/decode | [SourceForge](https://sourceforge.net/p/libpng/bugs/) | | ||
| | [libtiff](https://libtiff.gitlab.io/libtiff/) | TIFF encode/decode | [GitLab](https://gitlab.com/libtiff/libtiff/-/issues) | |
| | [libtiff](https://libtiff.gitlab.io/libtiff/) | TIFF encode/decode | [GitLab](https://gitlab.com/libtiff/libtiff/-/issues) | | |
| | [libtiff](https://libtiff.gitlab.io/libtiff/) | TIFF encode/decode | [GitLab](https://gitlab.com/libtiff/libtiff/-/work_items) | |
https://gitlab.com/libtiff/libtiff/-/issues redirects to https://gitlab.com/libtiff/libtiff/-/work_items
.github/INCIDENT_RESPONSE.md
Outdated
| | [aom](https://aomedia.googlesource.com/aom/) | AV1 codec (AVIF) | [Chromium tracker](https://bugs.chromium.org/p/aomedia/) | | ||
| | [dav1d](https://code.videolan.org/videolan/dav1d) | AV1 decode (AVIF) | [VideoLAN Security](https://www.videolan.org/security/) | | ||
| | [openjpeg](https://www.openjpeg.org/) | JPEG 2000 encode/decode | [GitHub](https://github.com/uclouvain/openjpeg/security) | | ||
| | [freetype2](https://freetype.org/) | Font rendering | [GitLab](https://gitlab.freedesktop.org/freetype/freetype/-/issues) | |
| | [freetype2](https://freetype.org/) | Font rendering | [GitLab](https://gitlab.freedesktop.org/freetype/freetype/-/issues) | | |
| | [freetype2](https://freetype.org/) | Font rendering | [GitLab](https://gitlab.freedesktop.org/freetype/freetype/-/work_items) | |
.github/INCIDENT_RESPONSE.md
Outdated
| | [fribidi](https://github.com/fribidi/fribidi) | Unicode bidi (via raqm) | [GitHub](https://github.com/fribidi/fribidi) | | ||
| | [zlib](https://zlib.net/) | Deflate compression | [zlib.net](https://zlib.net/) | | ||
| | [liblzma / xz-utils](https://tukaani.org/xz/) | XZ/LZMA compression | [GitHub](https://github.com/tukaani-project/xz) | | ||
| | [bzip2](https://gitlab.com/bzip2/bzip2) | BZ2 compression | [GitLab](https://gitlab.com/bzip2/bzip2/-/issues) | |
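Review bot: the Security contact column is inconsistent in this hunk: fribidi points at the repository root and zlib at the project homepage, neither of which is a reporting channel, while the other rows give an issue tracker or security page. For each row either link the project's actual security policy or advisory page, or write "none published", so a responder does not spend incident time hunting for one.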
| | [bzip2](https://gitlab.com/bzip2/bzip2) | BZ2 compression | [GitLab](https://gitlab.com/bzip2/bzip2/-/issues) | | |
| | [bzip2](https://gitlab.com/bzip2/bzip2) | BZ2 compression | [GitLab](https://gitlab.com/bzip2/bzip2/-/work_items) | |
Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com>
- Update CVSS v3.1 to CVSS 4.0 throughout
- Remove 'Direct maintainer contact' from detection sources
- Fix 'before it stays public' wording for user bug reports
- Simplify sections 7.3 and 7.4 to reference RELEASING.md instead of duplicating release process steps
- Update RELEASING.md Point release section with security-specific steps (amend CVE in commits, publish GitHub Security Advisory)
- Fix PyPI API tokens entry (remove GitHub secrets reference)
- Fix 404 PyPI manage URL (use correct case and /releases/ path)
- Replace security@pypi.org mailto with https://pypi.org/security/
- Remove unconfirmed 'Notify GitHub Security' bullet
- Fix section numbering: 10.x → 9.x under Section 9. Dependency Map
- Reorder: move 9.3 Responding to Upstream Vulnerability before 9.3 Downstream Dependencies (now 9.2 and 9.3 respectively)
- Add anchor link for Section 5 reference in 9.2
- Add #plugin-list anchor to third-party plugins handbook link
- Fix GitLab issue tracker URLs to use /-/work_items for libtiff, freetype2, and bzip2
- Add pyproject.toml reference for complete optional dependencies list

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Changes proposed in this pull request: