From 4a84674ee89edacb5801a2611a6da65da143c1fe Mon Sep 17 00:00:00 2001
From: Thomas A Caswell <tcaswell@gmail.com>
Date: Sat, 26 Oct 2019 19:21:24 -0400
Subject: [PATCH] BLD: update pillow dependency

Pillow has a security issue for <6.2.0 (CVE-2019-16865).

This is in violation of our normal support window for dependencies,
however we are making an exception due to the CVE.
---
 requirements/doc/doc-requirements.txt | 1 -
 setup.py                              | 2 +-
 2 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/requirements/doc/doc-requirements.txt b/requirements/doc/doc-requirements.txt
index 5159465b89e3..362399aeac7b 100644
--- a/requirements/doc/doc-requirements.txt
+++ b/requirements/doc/doc-requirements.txt
@@ -12,6 +12,5 @@ colorspacious
 ipython
 ipywidgets
 numpydoc>=0.8
-pillow>=3.4,!=5.4.0
 sphinx-gallery>=0.2
 sphinx-copybutton
diff --git a/setup.py b/setup.py
index 4de989563478..06cc5fc22fad 100644
--- a/setup.py
+++ b/setup.py
@@ -261,7 +261,7 @@ def run(self):
             "cycler>=0.10",
             "kiwisolver>=1.0.1",
             "numpy>=1.11",
-            "pillow",
+            "pillow>=6.2.0",
             "pyparsing>=2.0.1,!=2.0.4,!=2.1.2,!=2.1.6",
             "python-dateutil>=2.1",
         ],