From 17e624e522de2f7963b393584313c2fdbbf30d65 Mon Sep 17 00:00:00 2001 From: Frederick Price Date: Sat, 22 Apr 2023 00:20:11 -0400 Subject: [PATCH] Update documentation --- CHANGES.rst | 3 +++ docs/releasenotes/6.2.2.5.rst | 2 ++ 2 files changed, 5 insertions(+) diff --git a/CHANGES.rst b/CHANGES.rst index 635b7cc73..05ce203dd 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -27,6 +27,9 @@ Changelog (Pillow) combination of \r and \n as line endings. [rickprice] +- Fix CVE-2022-45199: Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL. + [rickprice] + - Fix CVE-2021-28676: FliDecode did not properly check that the block advance was non-zero, potentally leading to an infinite loop on load. [rickprice] diff --git a/docs/releasenotes/6.2.2.5.rst b/docs/releasenotes/6.2.2.5.rst index 4130c8710..a18c5c37b 100644 --- a/docs/releasenotes/6.2.2.5.rst +++ b/docs/releasenotes/6.2.2.5.rst @@ -37,3 +37,5 @@ This release addresses several critical CVEs. Pillow in the open phase, before an image was accepted for opening. +:cve: `CVE-2022-45199`: Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL. +
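Review bot: In the CHANGES.rst hunk, the new CVE-2022-45199 entry restates the advisory summary ("Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL") rather than describing what this release changed. The neighbouring CVE-2021-28676 entry names the component and the missing check ("FliDecode did not properly check that the block advance was non-zero"). Please word this entry the same way, naming the affected code path and the condition now enforced. The "before 9.3.0" version bound also reads oddly in the changelog of a 6.2.2.5 backport and would be clearer as a note that the upstream fix was backported.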
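Review bot: In the docs/releasenotes/6.2.2.5.rst hunk, the added line ":cve: `CVE-2022-45199`: ..." has a space between the role name and the opening backtick, so reStructuredText will not parse it as a role and the text will render literally instead of as a CVE reference. If a role is intended, write it as :cve:`CVE-2022-45199` with no space, and check the result against how the earlier CVE entries in this file render. The hunk also adds an empty line after the entry at the end of the file, which can be dropped, and the entry should say what this release changed for SAMPLESPERPIXEL rather than only repeating the advisory text.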