From 0c0bdf8d5adadb5e28d08246936e89ccfe77b020 Mon Sep 17 00:00:00 2001 From: Jeffrey 'Alex' Clark Date: Wed, 15 Apr 2026 13:03:19 -0400 Subject: [PATCH] Update security docs - docs/handbook/security.rst - .github/SECURITY.md Co-authored-by: Andrew Murray <3112309+radarhere@users.noreply.github.com> --- .github/SECURITY.md | 4 ++-- docs/handbook/security.rst | 14 +++++++------- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/SECURITY.md b/.github/SECURITY.md index 2b668cc55..c9a396aa8 100644 --- a/.github/SECURITY.md +++ b/.github/SECURITY.md @@ -4,13 +4,13 @@ To report sensitive vulnerability information, report it [privately on GitHub](https://github.com/python-pillow/Pillow/security/advisories/new). -If you cannot use GitHub, use the [Tidelift security contact](https://tidelift.com/security). Tidelift will coordinate the fix and disclosure. +If you cannot use GitHub, use the [Tidelift security contact](https://tidelift.com/docs/security). Tidelift will coordinate the fix and disclosure. **DO NOT report sensitive vulnerability information in public.** ## Threat model -Pillow's primary attack surface is parsing untrusted image data. A full STRIDE threat model covering spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege is maintained in the [Security handbook page](https://pillow.readthedocs.io/en/stable/handbook/security.html). +Pillow's primary attack surface is parsing untrusted image data. A full STRIDE threat model covering spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege is maintained in the [Security handbook page](https://pillow.readthedocs.io/en/latest/handbook/security.html). Key risks to be aware of when using Pillow to process untrusted images: diff --git a/docs/handbook/security.rst b/docs/handbook/security.rst index dc7e96c60..e018f099a 100644 --- a/docs/handbook/security.rst +++ b/docs/handbook/security.rst 
@@ -141,14 +141,14 @@ Denial of service A small compressed image can expand to gigabytes in memory. :py:data:`PIL.Image.MAX_IMAGE_PIXELS` raises -``DecompressionBombError`` at 2× the limit and -``DecompressionBombWarning`` at 1×. PNG text chunks are +``Image.DecompressionBombError`` at 2× the limit and +``Image.DecompressionBombWarning`` at 1×. PNG text chunks are separately capped by ``PngImagePlugin.MAX_TEXT_CHUNK`` and ``MAX_TEXT_MEMORY``. Check the values in your installed Pillow version at runtime or in the reference/source for the current defaults. *Mitigations:* **never** set ``Image.MAX_IMAGE_PIXELS = None`` in production; -treat ``DecompressionBombWarning`` as an error; set OS/container memory limits +treat ``Image.DecompressionBombWarning`` as an error; set OS/container memory limits per worker. **D-2 — CPU exhaustion** @@ -234,7 +234,7 @@ The following mitigations are listed in priority order. libwebp, openjpeg, freetype, Ghostscript. Subscribe to `Pillow security advisories `_. 5. **Enforce** ``MAX_IMAGE_PIXELS`` — never set it to ``None``; treat - ``DecompressionBombWarning`` as an error. + ``Image.DecompressionBombWarning`` as an error. 6. **Allowlist image formats** — unregister plugins your application does not need. 7. **Strip metadata on output** — never pass through EXIF/XMP/ICC from user @@ -242,8 +242,8 @@ The following mitigations are listed in priority order. 8. **Sanitise all metadata** returned by Pillow before using it downstream. 9. **Pin dependencies with hash verification** — use ``pip install --require-hashes`` and lockfiles. -10. **Log and alert** on ``DecompressionBombWarning``, - ``DecompressionBombError``, ``PIL.UnidentifiedImageError``, +10. **Log and alert** on ``Image.DecompressionBombWarning``, + ``Image.DecompressionBombError``, ``PIL.UnidentifiedImageError``, and all exceptions from ``Image.open()``. .. _security-reporting: 
@@ -255,7 +255,7 @@ To report sensitive vulnerability information, report it `privately on GitHub `_. If you cannot use GitHub, use the `Tidelift security contact -`_. Tidelift will coordinate the fix and +`_. Tidelift will coordinate the fix and disclosure. **Do not report sensitive vulnerability information in public.**
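Review bot: in the `.github/SECURITY.md` hunk, the two link changes (Tidelift `/security` to `/docs/security`, readthedocs `en/stable` to `en/latest`) are not explained by the commit message "Update security docs". Pointing a repository security policy at `en/latest` is reasonable only while the handbook page is absent from a released version; note that in the commit message so a later maintainer knows to switch the link back to `en/stable` once the page ships in a release.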
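Review bot: in the `@@ -141,14` hunk the new names are written as plain literals (``Image.DecompressionBombError``, ``Image.DecompressionBombWarning``) while the same paragraph already cross-references :py:data:`PIL.Image.MAX_IMAGE_PIXELS` with a Sphinx role. Using :py:class:`PIL.Image.DecompressionBombError` (and the warning likewise) would give readers a link to the API reference instead of a dead literal, and keeps one naming convention within the paragraph.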
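Review bot: in the `@@ -234,7` hunk, item 5 now reads ``Image.DecompressionBombWarning`` but the same line still says "Enforce ``MAX_IMAGE_PIXELS``" without the ``Image.`` prefix. Since the point of this patch is to qualify these names, change it to ``Image.MAX_IMAGE_PIXELS`` so the setting and the warning it governs are named the same way.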
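Review bot: in the `@@ -242,8` hunk, item 10 now mixes two prefixes on one line: ``Image.DecompressionBombWarning`` and ``Image.DecompressionBombError`` next to ``PIL.UnidentifiedImageError``. ``PIL.UnidentifiedImageError`` is correct as written (it lives at package level), but readers may read the mix as two different modules; writing the first two as ``PIL.Image.DecompressionBombWarning`` / ``PIL.Image.DecompressionBombError`` would make all three fully qualified and remove the ambiguity.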
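Review bot: in the `@@ -255,7` hunk the changed line is only the tail of the Tidelift link target (`` `_. Tidelift will coordinate the fix and``), so the actual URL is not visible in this view. Confirm the reST target matches the one set in `.github/SECURITY.md` in this same patch (`https://tidelift.com/docs/security`), since the two files now carry the same contact instructions in parallel and will drift if only one is updated.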