Added release notes for #5567

radarhere · radarhere · commit d254e581a1f9 · 2021-07-01T13:32:20.000+10:00
diff --git a/docs/releasenotes/8.3.0.rst b/docs/releasenotes/8.3.0.rst
@@ -82,6 +82,13 @@ format, through the new ``bitmap_format`` argument::
 Security
 ========
 
+Buffer overflow
+^^^^^^^^^^^^^^^
+
+This release addresses :cve:`CVE-2021-34552`. PIL since 1.1.4 and Pillow since 1.0
+allowed parameters passed into a convert function to trigger buffer overflow in
+Convert.c.
+
 Parsing XML
 ^^^^^^^^^^^
 
