From 63cbfcfdea2d163ec93bae8d283fcfe4b73b5dc7 Mon Sep 17 00:00:00 2001
From: Andrew Murray <radarhere@users.noreply.github.com>
Date: Mon, 1 Apr 2024 20:19:46 +1100
Subject: [PATCH] Update CHANGES.rst [ci skip]

---
 CHANGES.rst | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/CHANGES.rst b/CHANGES.rst
index d314ac4e96b..86d1e349c12 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -5,6 +5,9 @@ Changelog (Pillow)
 10.3.0 (unreleased)
 -------------------
 
+- CVE-2024-28219: Use strncpy to avoid buffer overflow #7928
+  [radarhere, hugovk]
+
 - Deprecate eval(), replacing it with lambda_eval() and unsafe_eval() #7927
   [radarhere, hugovk]