Origin: https://github.com/django/django/commit/b2eb4787a0fff9c9993b78be5c698e85108f3446
Subject: Denial-of-service via get_image_dimensions()

https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/

CVE-2012-3444

Index: python-django-1.3/django/forms/fields.py
===================================================================
--- python-django-1.3.orig/django/forms/fields.py	2012-09-06 08:41:15.799981681 -0400
+++ python-django-1.3/django/forms/fields.py	2012-09-06 08:41:22.103981842 -0400
@@ -544,20 +544,10 @@
                 file = StringIO(data['content'])
 
         try:
-            # load() is the only method that can spot a truncated JPEG,
-            #  but it cannot be called sanely after verify()
-            trial_image = Image.open(file)
-            trial_image.load()
-
-            # Since we're about to use the file again we have to reset the
-            # file object if possible.
-            if hasattr(file, 'reset'):
-                file.reset()
-
-            # verify() is the only method that can spot a corrupt PNG,
-            #  but it must be called immediately after the constructor
-            trial_image = Image.open(file)
-            trial_image.verify()
+            # load() could spot a truncated JPEG, but it loads the entire
+            # image in memory, which is a DoS vector. See #3848 and #18520.
+            # verify() must be called immediately after the constructor.
+            Image.open(file).verify()
         except ImportError:
             # Under PyPy, it is possible to import PIL. However, the underlying
             # _imaging C module isn't available, so an ImportError will be
