Explore top 10 tips to secure your open-source projects now. Read More
×* bsc#1136199 Cross-References: * CVE-2016-9969 . # Security update for libwebp Announcement ID: SUSE-SU-2025:01639-2 Release Date: 2025-06-10T08:12:52Z Rating: important References: * bsc#1136199 Cross-References: * CVE-2016-9969 CVSS scores: * CVE-2016-9969 ( SUSE ): 7.5 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2016-9969 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2016-9969 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Linux Enterprise Workstation Extension 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for libwebp fixes the following issues: * CVE-2016-9969: freeing of uninitialized memory pointer in SetFrame() of AnimEncoder can lead to double free (bsc#1136199). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-1639=1 * SUSE Linux Enterprise Workstation Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2025-1639=1 ## Package List: * SUSE Package Hub 15 15-SP7 (x86_64) * libwebp6-32bit-0.5.0-150000.3.17.1 * libwebp6-32bit-debuginfo-0.5.0-150000.3.17.1 * SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64) * libwebp6-0.5.0-150000.3.17.1 * libwebp6-debuginfo-0.5.0-150000.3.17.1 * libwebp-debugsource-0.5.0-150000.3.17.1 ## References: * https://www.suse.com/security/cve/CVE-2016-9969.html * https://bugzilla.suse.com/show_bug.cgi?id=1136199 . This release tackles a significantvulnerability in libjpeg, affecting Debian platforms. Urgent updates are recommended for protection.. SUSE Linux, libwebp security, memory issue fix, important update. . Severity: Important. LinuxSecurity.com Team
* bsc#1136199 Cross-References: * CVE-2016-9969 . # Security update for libwebp Announcement ID: SUSE-SU-2025:01639-1 Release Date: 2025-05-21T11:44:11Z Rating: important References: * bsc#1136199 Cross-References: * CVE-2016-9969 CVSS scores: * CVE-2016-9969 ( SUSE ): 7.5 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2016-9969 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2016-9969 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for libwebp fixes the following issues: * CVE-2016-9969: freeing of uninitialized memory pointer in SetFrame() of AnimEncoder can lead to double free (bsc#1136199). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1639=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-1639=1 ## Package List: * SUSE Package Hub 15 15-SP6 (x86_64) * libwebp6-32bit-debuginfo-0.5.0-150000.3.17.1 * libwebp6-32bit-0.5.0-150000.3.17.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * libwebp-debugsource-0.5.0-150000.3.17.1 * libwebp6-debuginfo-0.5.0-150000.3.17.1 * libwebp6-0.5.0-150000.3.17.1 ## References: * https://www.suse.com/security/cve/CVE-2016-9969.html * https://bugzilla.suse.com/show_bug.cgi?id=1136199 . The libjpeg-turbo enhancement resolvesCVE-2021-20227, correcting critical buffer overflow issues and improving overall safety.. libwebp security update, SUSE Linux patch, memory vulnerability fix. . Severity: Important. LinuxSecurity.com Team
Backport fix for CVE-2023-5129. ---- Update to 1.3.2.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-e692a72898 2023-10-14 01:26:08.208280 -------------------------------------------------------------------------------- Name : libwebp Product : Fedora 37 Version : 1.3.2 Release : 2.fc37 URL : https://www.webmproject.org/ Summary : Library and tools for the WebP graphics format Description : WebP is an image format that does lossy compression of digital photographic images. WebP consists of a codec based on VP8, and a container based on RIFF. Webmasters, web developers and browser developers can use WebP to compress, archive and distribute digital images more efficiently. -------------------------------------------------------------------------------- Update Information: Backport fix for CVE-2023-5129. ---- Update to 1.3.2. -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 28 2023 Sandro Mani - 1.3.2-2 - Backport upstream fix for CVE-2023-5129 * Mon Sep 18 2023 Sandro Mani - 1.3.2-1 - Update to 1.3.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2239217 - libwebp-1.3.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239217 [ 2 ] Bug #2241121 - CVE-2023-5129 libwebp: out-of-bounds write with a specially crafted WebP lossless file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2241121 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-e692a72898' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keysused by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. References: . MGASA-2023-0282 - Updated libwebp packages fix a security vulnerability Publication date: 03 Oct 2023 URL: https://advisories.mageia.org/MGASA-2023-0282.html Type: security Affected Mageia releases: 8, 9 CVE: CVE-2023-4863 Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. References: - https://bugs.mageia.org/show_bug.cgi?id=32280 - https://www.cve.org/CVERecord?id=CVE-2023-4863 - https://www.cve.org/CVERecord?id=CVE-2023-4863 SRPMS: - 9/core/libwebp-1.3.0-2.1.mga9 - 8/core/libwebp-1.1.0-2.2.mga8 . Mageia 2023-0283 upgrades openssl to address critical vulnerabilities, improving encryption protocols for safer online transactions.. Heap Overflow, Libwebp Security, Mageia Update, Remote Code Execution, Google Chrome. . LinuxSecurity.com Team
Backport fix for CVE-2023-5129.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-9108cda47c 2023-10-03 00:16:47.391245 -------------------------------------------------------------------------------- Name : libwebp Product : Fedora 39 Version : 1.3.2 Release : 2.fc39 URL : https://www.webmproject.org/ Summary : Library and tools for the WebP graphics format Description : WebP is an image format that does lossy compression of digital photographic images. WebP consists of a codec based on VP8, and a container based on RIFF. Webmasters, web developers and browser developers can use WebP to compress, archive and distribute digital images more efficiently. -------------------------------------------------------------------------------- Update Information: Backport fix for CVE-2023-5129. -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 28 2023 Sandro Mani - 1.3.2-2 - Backport upstream fix for CVE-2023-5129 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2241121 - CVE-2023-5129 libwebp: out-of-bounds write with a specially crafted WebP lossless file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2241121 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-9108cda47c' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Backport fix for CVE-2023-5129.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-2a0668fe43 2023-09-30 03:34:08.918361 -------------------------------------------------------------------------------- Name : libwebp Product : Fedora 38 Version : 1.3.2 Release : 2.fc38 URL : https://www.webmproject.org/ Summary : Library and tools for the WebP graphics format Description : WebP is an image format that does lossy compression of digital photographic images. WebP consists of a codec based on VP8, and a container based on RIFF. Webmasters, web developers and browser developers can use WebP to compress, archive and distribute digital images more efficiently. -------------------------------------------------------------------------------- Update Information: Backport fix for CVE-2023-5129. -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 28 2023 Sandro Mani - 1.3.2-2 - Backport upstream fix for CVE-2023-5129 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2241121 - CVE-2023-5129 libwebp: out-of-bounds write with a specially crafted WebP lossless file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2241121 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-2a0668fe43' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
libwebp could be made to crash or run programs if it opened a specially crafted file.. ========================================================================== Ubuntu Security Notice USN-6369-2 September 28, 2023 libwebp vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS (Available with Ubuntu Pro) Summary: libwebp could be made to crash or run programs if it opened a specially crafted file. Software Description: - libwebp: Lossy compression of digital photographic images. Details: USN-6369-1 fixed a vulnerability in libwebp. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: It was discovered that libwebp incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause libwebp to crash, resulting in a denial of service, or possibly execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS (Available with Ubuntu Pro): libwebp6 0.6.1-2ubuntu0.18.04.2+esm1 libwebpdemux2 0.6.1-2ubuntu0.18.04.2+esm1 libwebpmux3 0.6.1-2ubuntu0.18.04.2+esm1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6369-2 https://ubuntu.com/security/notices/USN-6369-1 CVE-2023-4863 . Ubuntu 18.04 LTS contains a vulnerability in libwebp that may result in system crashes or the potential for remote code execution. Updating is advised.. libwebp vulnerability, denial of service fix, ubuntu security notice. . LinuxSecurity.com Team
This update for libwebp fixes the following issues: CVE-2023-4863: Fixed heap buffer overflow (bsc#1215231).. # Security update for libwebp Announcement ID: SUSE-SU-2023:3829-1 Rating: critical References: * #1215231 Cross-References: * CVE-2023-4863 CVSS scores: * CVE-2023-4863 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-4863 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE CaaS Platform 4.0 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP4 * SUSE Linux Enterprise Workstation Extension 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP4 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for libwebp fixes the following issues: * CVE-2023-4863: Fixed heap buffer overflow (bsc#1215231). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run thecommand listed for your product: * openSUSE Leap 15.4 zypper in -t patch openSUSE-SLE-15.4-2023-3829=1 * SUSE Package Hub 15 15-SP4 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-3829=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-3829=1 * SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-3829=1 * SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-3829=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-3829=1 * SUSE Linux Enterprise Workstation Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2023-3829=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2023-3829=1 * SUSE CaaS Platform 4.0 To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * libwebpdecoder2-debuginfo-0.5.0-150000.3.14.1 * libwebpdecoder2-0.5.0-150000.3.14.1 * libwebpmux2-0.5.0-150000.3.14.1 * libwebpextras0-0.5.0-150000.3.14.1 * libwebp6-0.5.0-150000.3.14.1 * libwebpmux2-debuginfo-0.5.0-150000.3.14.1 * libwebp6-debuginfo-0.5.0-150000.3.14.1 * libwebpextras0-debuginfo-0.5.0-150000.3.14.1 * openSUSE Leap 15.4 (x86_64) * libwebp6-32bit-0.5.0-150000.3.14.1 * libwebpextras0-32bit-0.5.0-150000.3.14.1 * libwebpdecoder2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebp6-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpextras0-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpdecoder2-32bit-0.5.0-150000.3.14.1 * libwebpmux2-32bit-debuginfo-0.5.0-150000.3.14.1 *libwebpmux2-32bit-0.5.0-150000.3.14.1 * SUSE Package Hub 15 15-SP4 (x86_64) * libwebp6-32bit-0.5.0-150000.3.14.1 * libwebp-debugsource-0.5.0-150000.3.14.1 * libwebp6-32bit-debuginfo-0.5.0-150000.3.14.1 * SUSE Package Hub 15 15-SP5 (x86_64) * libwebp6-32bit-0.5.0-150000.3.14.1 * libwebp6-32bit-debuginfo-0.5.0-150000.3.14.1 * SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (aarch64 x86_64) * libwebpdecoder2-debuginfo-0.5.0-150000.3.14.1 * libwebpdecoder2-0.5.0-150000.3.14.1 * libwebp6-debuginfo-0.5.0-150000.3.14.1 * libwebpmux2-0.5.0-150000.3.14.1 * libwebpextras0-0.5.0-150000.3.14.1 * libwebp6-0.5.0-150000.3.14.1 * libwebpmux2-debuginfo-0.5.0-150000.3.14.1 * libwebp-debugsource-0.5.0-150000.3.14.1 * libwebpdemux2-0.5.0-150000.3.14.1 * libwebpdemux2-debuginfo-0.5.0-150000.3.14.1 * libwebp-devel-0.5.0-150000.3.14.1 * libwebpextras0-debuginfo-0.5.0-150000.3.14.1 * SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (x86_64) * libwebp6-32bit-0.5.0-150000.3.14.1 * libwebpdemux2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpextras0-32bit-0.5.0-150000.3.14.1 * libwebpdecoder2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpdemux2-32bit-0.5.0-150000.3.14.1 * libwebp6-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpextras0-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpdecoder2-32bit-0.5.0-150000.3.14.1 * libwebpmux2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpmux2-32bit-0.5.0-150000.3.14.1 * SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (aarch64 ppc64le s390x x86_64) * libwebpdecoder2-debuginfo-0.5.0-150000.3.14.1 * libwebpdecoder2-0.5.0-150000.3.14.1 * libwebp6-debuginfo-0.5.0-150000.3.14.1 * libwebpmux2-0.5.0-150000.3.14.1 * libwebpextras0-0.5.0-150000.3.14.1 * libwebp6-0.5.0-150000.3.14.1 * libwebpmux2-debuginfo-0.5.0-150000.3.14.1 * libwebp-debugsource-0.5.0-150000.3.14.1 * libwebpdemux2-0.5.0-150000.3.14.1 *libwebpdemux2-debuginfo-0.5.0-150000.3.14.1 * libwebp-devel-0.5.0-150000.3.14.1 * libwebpextras0-debuginfo-0.5.0-150000.3.14.1 * SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (x86_64) * libwebp6-32bit-0.5.0-150000.3.14.1 * libwebpdemux2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpextras0-32bit-0.5.0-150000.3.14.1 * libwebpdecoder2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpdemux2-32bit-0.5.0-150000.3.14.1 * libwebp6-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpextras0-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpdecoder2-32bit-0.5.0-150000.3.14.1 * libwebpmux2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpmux2-32bit-0.5.0-150000.3.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 (ppc64le x86_64) * libwebpdecoder2-debuginfo-0.5.0-150000.3.14.1 * libwebpdecoder2-0.5.0-150000.3.14.1 * libwebp6-debuginfo-0.5.0-150000.3.14.1 * libwebpmux2-0.5.0-150000.3.14.1 * libwebpextras0-0.5.0-150000.3.14.1 * libwebp6-0.5.0-150000.3.14.1 * libwebpmux2-debuginfo-0.5.0-150000.3.14.1 * libwebp-debugsource-0.5.0-150000.3.14.1 * libwebpdemux2-0.5.0-150000.3.14.1 * libwebpdemux2-debuginfo-0.5.0-150000.3.14.1 * libwebp-devel-0.5.0-150000.3.14.1 * libwebpextras0-debuginfo-0.5.0-150000.3.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 (x86_64) * libwebp6-32bit-0.5.0-150000.3.14.1 * libwebpdemux2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpextras0-32bit-0.5.0-150000.3.14.1 * libwebpdecoder2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpdemux2-32bit-0.5.0-150000.3.14.1 * libwebp6-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpextras0-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpdecoder2-32bit-0.5.0-150000.3.14.1 * libwebpmux2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpmux2-32bit-0.5.0-150000.3.14.1 * SUSE Linux Enterprise Workstation Extension 15 SP4 (x86_64) * libwebp6-debuginfo-0.5.0-150000.3.14.1 * libwebp6-0.5.0-150000.3.14.1 *libwebp-debugsource-0.5.0-150000.3.14.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * libwebp6-debuginfo-0.5.0-150000.3.14.1 * libwebp6-0.5.0-150000.3.14.1 * libwebp-debugsource-0.5.0-150000.3.14.1 * SUSE CaaS Platform 4.0 (x86_64) * libwebp6-32bit-0.5.0-150000.3.14.1 * libwebp6-0.5.0-150000.3.14.1 * libwebp6-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebp-debugsource-0.5.0-150000.3.14.1 * libwebpdecoder2-32bit-0.5.0-150000.3.14.1 * libwebpextras0-debuginfo-0.5.0-150000.3.14.1 * libwebpextras0-32bit-0.5.0-150000.3.14.1 * libwebp-devel-0.5.0-150000.3.14.1 * libwebpmux2-debuginfo-0.5.0-150000.3.14.1 * libwebpdemux2-debuginfo-0.5.0-150000.3.14.1 * libwebpdecoder2-debuginfo-0.5.0-150000.3.14.1 * libwebpdemux2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpdecoder2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpdemux2-32bit-0.5.0-150000.3.14.1 * libwebpmux2-0.5.0-150000.3.14.1 * libwebpextras0-0.5.0-150000.3.14.1 * libwebpextras0-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpmux2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpdecoder2-0.5.0-150000.3.14.1 * libwebpdemux2-0.5.0-150000.3.14.1 * libwebp6-debuginfo-0.5.0-150000.3.14.1 * libwebpmux2-32bit-0.5.0-150000.3.14.1 ## References: * https://www.suse.com/security/cve/CVE-2023-4863.html * https://bugzilla.suse.com/show_bug.cgi?id=1215231 . Implement essential patch for libwebp to address severe buffer overflow vulnerabilities on openSUSE platforms, bolstering overall security integrity.. Libwebp Update,SUSE Security Advisory,Critical Bug Fix,OpenSUSE Security. . Severity: Critical. LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.