diff --git a/CHANGES.rst b/CHANGES.rst
index 94cd6e7bc75..b4dc1d6646e 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -2,6 +2,15 @@
 Changelog (Pillow)
 ==================
 
+10.0.1 (2023-09-15)
+-------------------
+
+- Updated libwebp to 1.3.2 #7395
+  [radarhere]
+
+- Updated zlib to 1.3 #7344
+  [radarhere]
+
 10.0.0 (2023-07-01)
 -------------------
 
diff --git a/Tests/test_file_png.py b/Tests/test_file_png.py
index c4db9790524..b460761d838 100644
--- a/Tests/test_file_png.py
+++ b/Tests/test_file_png.py
@@ -79,7 +79,7 @@ def get_chunks(self, filename):
 
     def test_sanity(self, tmp_path):
         # internal version number
-        assert re.search(r"\d+\.\d+\.\d+(\.\d+)?$", features.version_codec("zlib"))
+        assert re.search(r"\d+(\.\d+){1,3}$", features.version_codec("zlib"))
 
         test_file = str(tmp_path / "temp.png")
 
diff --git a/depends/install_webp.sh b/depends/install_webp.sh
index 4636aab437b..6f867ab3788 100755
--- a/depends/install_webp.sh
+++ b/depends/install_webp.sh
@@ -1,7 +1,7 @@
 #!/bin/bash
 # install webp
 
-archive=libwebp-1.3.1
+archive=libwebp-1.3.2
 
 ./download-and-extract.sh $archive https://raw.githubusercontent.com/python-pillow/pillow-depends/main/$archive.tar.gz
 
diff --git a/docs/releasenotes/10.0.1.rst b/docs/releasenotes/10.0.1.rst
new file mode 100644
index 00000000000..6ac30e7fce1
--- /dev/null
+++ b/docs/releasenotes/10.0.1.rst
@@ -0,0 +1,14 @@
+10.0.1
+------
+
+Security
+========
+
+This release addresses :cve:`2023-4863`, by providing an updated install script and
+updated wheels to include libwebp 1.3.2, preventing a potential heap buffer overflow
+in WebP.
+
+Updated tests to pass with latest zlib version
+==============================================
+
+The release of zlib 1.3 caused one of the tests in the Pillow test suite to fail.
diff --git a/docs/releasenotes/index.rst b/docs/releasenotes/index.rst
index 9bca9854152..1dee0715372 100644
--- a/docs/releasenotes/index.rst
+++ b/docs/releasenotes/index.rst
@@ -14,6 +14,7 @@ expected to be backported to earlier versions.
 .. toctree::
   :maxdepth: 2
 
+  10.0.1
   10.0.0
   9.5.0
   9.4.0
diff --git a/src/PIL/_version.py b/src/PIL/_version.py
index 1fc7f7334aa..f3455f1f1f7 100644
--- a/src/PIL/_version.py
+++ b/src/PIL/_version.py
@@ -1,2 +1,2 @@
 # Master version for Pillow
-__version__ = "10.0.0"
+__version__ = "10.0.1"
diff --git a/winbuild/build_prepare.py b/winbuild/build_prepare.py
index 5a5bb8e0ade..a88ec7a095a 100644
--- a/winbuild/build_prepare.py
+++ b/winbuild/build_prepare.py
@@ -130,9 +130,9 @@ def cmd_msbuild(
         "bins": ["cjpeg.exe", "djpeg.exe"],
     },
     "zlib": {
-        "url": "https://zlib.net/zlib1213.zip",
-        "filename": "zlib1213.zip",
-        "dir": "zlib-1.2.13",
+        "url": "https://zlib.net/zlib13.zip",
+        "filename": "zlib13.zip",
+        "dir": "zlib-1.3",
         "license": "README",
         "license_pattern": "Copyright notice:\n\n(.+)$",
         "build": [
@@ -157,9 +157,9 @@ def cmd_msbuild(
         "libs": [r"liblzma.lib"],
     },
     "libwebp": {
-        "url": "http://downloads.webmproject.org/releases/webp/libwebp-1.3.1.tar.gz",
-        "filename": "libwebp-1.3.1.tar.gz",
-        "dir": "libwebp-1.3.1",
+        "url": "http://downloads.webmproject.org/releases/webp/libwebp-1.3.2.tar.gz",
+        "filename": "libwebp-1.3.2.tar.gz",
+        "dir": "libwebp-1.3.2",
         "license": "COPYING",
         "build": [
             cmd_rmdir(r"output\release-static"),  # clean