Skip to content

fix(cve): CVE-2026-40192 - Update Pillow to 12.2.0 #3415

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
atheo89 merged 4 commits into from
Apr 30, 2026
Merged

fix(cve): CVE-2026-40192 - Update Pillow to 12.2.0 #3415

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
ff6ba9a
fix(cve): CVE-2026-40192 - Pillow FITS decompression bomb
Apr 20, 2026
3604817
fix(cve): update llmcompressor pylock files for Pillow 12.2.0
crackcodecamp Apr 20, 2026
162dfe8
fix(cve): add pillow override to pyproject.toml and update lock files
crackcodecamp Apr 30, 2026
07cb4aa
fix(cve): regenerate lock files with pillow override applied
crackcodecamp Apr 30, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion dependencies/cve-constraints.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# CVE-induced minimum version constraints

Check warning on line 1 in dependencies/cve-constraints.txt

View workflow job for this annotation

GitHub Actions / Generate job matrix

Fork PR — subscription builds skipped 

Push your branch to the main repo for full CI. See CONTRIBUTING.md.
# This file is used with `uv pip compile --constraints` or UV_CONSTRAINT env var
#
# Format: requirements.txt style (package>=version)
Expand All @@ -14,4 +14,5 @@
# RHAIENG-2893: CVE-2026-0897 Keras: Denial of Service via crafted HDF5 weight loading file
keras>=3.13.1
# RHAIENG-3210: CVE-2026-25990 Pillow: Out-of-bounds Write via Specially Crafted PSD Image
pillow>=12.1.1
# RHOAIENG-58615: CVE-2026-40192 Pillow: FITS GZIP decompression bomb
pillow>=12.2.0
Comment on lines 16 to +18
Copy link
Copy Markdown
Contributor

@coderabbitai coderabbitai Bot Apr 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

Disambiguate Pillow CVE mapping in constraint comments

Line 16 and Line 17 list different Pillow CVEs over a single pillow>=12.2.0 constraint, which makes security traceability ambiguous during audits. Clarify whether this single floor remediates both CVE-2026-25990 and CVE-2026-40192, or split/comment explicitly per CVE rationale.

As per coding guidelines, "REVIEW PRIORITIES: 1. Security vulnerabilities (provide severity, exploit scenario, and remediation code)".

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@dependencies/cve-constraints.txt` around lines 16 - 18, The comment above the
pillow constraint is ambiguous: clarify whether the single constraint
"pillow>=12.2.0" remediates both CVE-2026-25990 and CVE-2026-40192 or provide
per-CVE rationale; update the comment(s) so security traceability is explicit by
either (a) adding a single-line note after the constraint stating that
"pillow>=12.2.0 remediates CVE-2026-25990 and CVE-2026-40192 (include CVE
advisories/patch versions)" or (b) splitting into two commented lines each
naming the CVE and the minimum Pillow version that fixes it, with a short
justification—locate the constraint "pillow>=12.2.0" and the surrounding
comments and modify them accordingly.

2 changes: 2 additions & 0 deletions jupyter/pytorch+llmcompressor/ubi9-python-3.12/pyproject.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,4 +67,6 @@ override-dependencies = [
"urllib3>=2.6.0",
# AIPCC-13675: protobuf 6.33.6+ UPB C extension segfaults on s390x
"protobuf==6.31.1",
# RHOAIENG-58615: CVE-2026-40192 Pillow FITS GZIP decompression bomb
"pillow>=12.2.0",
]
6 changes: 3 additions & 3 deletions jupyter/pytorch+llmcompressor/ubi9-python-3.12/requirements.cuda.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -463,9 +463,9 @@ pathvalidate==3.3.1 ; python_full_version >= '3.12' and implementation_name == '
--hash=sha256:6845e0cf9051b31d455a449acda5983114ce2c7085b81337e102c6517b71795d
pexpect==4.9.0 ; python_full_version >= '3.12' and implementation_name == 'cpython' and sys_platform == 'linux' \
--hash=sha256:8b376d8ae1d099528b1b0958be10c4489d636dc5e310b7f38c0fbc5d2f66e335
pillow==12.1.1 ; python_full_version >= '3.12' and implementation_name == 'cpython' and sys_platform == 'linux' \
--hash=sha256:e34837e0501bda7d589613bd59ff689dde7adc9775cb7441b0ea4bc76a711d68 \
--hash=sha256:893f8370df4aa50b75e4f7453649d86886f3c45da7b7c9c75122a0b55640af1d
pillow==12.2.0 ; python_full_version >= '3.12' and implementation_name == 'cpython' and sys_platform == 'linux' \
--hash=sha256:a447355e5ddcb989f812d9ad0e0dee22a031c4f09f1114335dad01f84c03b82a \
--hash=sha256:57a03b7853ede0c0739f7ba8e54cf97c2ab1ac96e85360c63ab10760c22eeecc
pip==26.1 ; python_full_version >= '3.12' and implementation_name == 'cpython' and sys_platform == 'linux' \
--hash=sha256:6d99d736160d98557f1eae8db814c273b9d3ea87a470c97d7dd92f2bf68c0e0d
platformdirs==4.9.6 ; python_full_version >= '3.12' and implementation_name == 'cpython' and sys_platform == 'linux' \
Expand Down
6 changes: 3 additions & 3 deletions jupyter/pytorch+llmcompressor/ubi9-python-3.12/uv.lock.d/pylock.cuda.toml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions runtimes/pytorch+llmcompressor/ubi9-python-3.12/pyproject.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,4 +49,6 @@ override-dependencies = [
"urllib3>=2.6.0",
# AIPCC-13675: protobuf 6.33.6+ UPB C extension segfaults on s390x
"protobuf==6.31.1",
# RHOAIENG-58615: CVE-2026-40192 Pillow FITS GZIP decompression bomb
"pillow>=12.2.0",
]
6 changes: 3 additions & 3 deletions runtimes/pytorch+llmcompressor/ubi9-python-3.12/requirements.cuda.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -318,9 +318,9 @@ pathvalidate==3.3.1 ; python_full_version >= '3.12' and implementation_name == '
--hash=sha256:6845e0cf9051b31d455a449acda5983114ce2c7085b81337e102c6517b71795d
pexpect==4.9.0 ; python_full_version >= '3.12' and implementation_name == 'cpython' and sys_platform == 'linux' \
--hash=sha256:8b376d8ae1d099528b1b0958be10c4489d636dc5e310b7f38c0fbc5d2f66e335
pillow==12.1.1 ; python_full_version >= '3.12' and implementation_name == 'cpython' and sys_platform == 'linux' \
--hash=sha256:e34837e0501bda7d589613bd59ff689dde7adc9775cb7441b0ea4bc76a711d68 \
--hash=sha256:893f8370df4aa50b75e4f7453649d86886f3c45da7b7c9c75122a0b55640af1d
pillow==12.2.0 ; python_full_version >= '3.12' and implementation_name == 'cpython' and sys_platform == 'linux' \
--hash=sha256:a447355e5ddcb989f812d9ad0e0dee22a031c4f09f1114335dad01f84c03b82a \
--hash=sha256:57a03b7853ede0c0739f7ba8e54cf97c2ab1ac96e85360c63ab10760c22eeecc
pip==26.1 ; python_full_version >= '3.12' and implementation_name == 'cpython' and sys_platform == 'linux' \
--hash=sha256:6d99d736160d98557f1eae8db814c273b9d3ea87a470c97d7dd92f2bf68c0e0d
platformdirs==4.9.6 ; python_full_version >= '3.12' and implementation_name == 'cpython' and sys_platform == 'linux' \
Expand Down
6 changes: 3 additions & 3 deletions runtimes/pytorch+llmcompressor/ubi9-python-3.12/uv.lock.d/pylock.cuda.toml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading