AFAIK, the minimal pillow version is mostly there because older versions
are affected by several security issues.
If the distro is backporting security issues to old pillow versions,
then you should be able to "manually" downgrade the pillow requirement
without impact on ReportLab.
But Robin might give some more enlightment to this question.
reportlab-users mailing list
$ pip install reportlab --no-dependencies
$ pip install pillow==8.3.2