Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 524
Alerts This Week
Warning Icon 1 524

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 58 articles for you...
100

SUSE 15 SP7: 2025:01639-2 important: libwebp double free issue

* bsc#1136199 Cross-References: * CVE-2016-9969 . # Security update for libwebp Announcement ID: SUSE-SU-2025:01639-2 Release Date: 2025-06-10T08:12:52Z Rating: important References: * bsc#1136199 Cross-References: * CVE-2016-9969 CVSS scores: * CVE-2016-9969 ( SUSE ): 7.5 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2016-9969 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2016-9969 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Linux Enterprise Workstation Extension 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for libwebp fixes the following issues: * CVE-2016-9969: freeing of uninitialized memory pointer in SetFrame() of AnimEncoder can lead to double free (bsc#1136199). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-1639=1 * SUSE Linux Enterprise Workstation Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2025-1639=1 ## Package List: * SUSE Package Hub 15 15-SP7 (x86_64) * libwebp6-32bit-0.5.0-150000.3.17.1 * libwebp6-32bit-debuginfo-0.5.0-150000.3.17.1 * SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64) * libwebp6-0.5.0-150000.3.17.1 * libwebp6-debuginfo-0.5.0-150000.3.17.1 * libwebp-debugsource-0.5.0-150000.3.17.1 ## References: * https://www.suse.com/security/cve/CVE-2016-9969.html * https://bugzilla.suse.com/show_bug.cgi?id=1136199 . This release tackles a significantvulnerability in libjpeg, affecting Debian platforms. Urgent updates are recommended for protection.. SUSE Linux, libwebp security, memory issue fix, important update. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 10, 2025 Important SuSE
100

SUSE: 2025:01639-1 important: libwebp memory management issue

* bsc#1136199 Cross-References: * CVE-2016-9969 . # Security update for libwebp Announcement ID: SUSE-SU-2025:01639-1 Release Date: 2025-05-21T11:44:11Z Rating: important References: * bsc#1136199 Cross-References: * CVE-2016-9969 CVSS scores: * CVE-2016-9969 ( SUSE ): 7.5 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2016-9969 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2016-9969 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for libwebp fixes the following issues: * CVE-2016-9969: freeing of uninitialized memory pointer in SetFrame() of AnimEncoder can lead to double free (bsc#1136199). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1639=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-1639=1 ## Package List: * SUSE Package Hub 15 15-SP6 (x86_64) * libwebp6-32bit-debuginfo-0.5.0-150000.3.17.1 * libwebp6-32bit-0.5.0-150000.3.17.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * libwebp-debugsource-0.5.0-150000.3.17.1 * libwebp6-debuginfo-0.5.0-150000.3.17.1 * libwebp6-0.5.0-150000.3.17.1 ## References: * https://www.suse.com/security/cve/CVE-2016-9969.html * https://bugzilla.suse.com/show_bug.cgi?id=1136199 . The libjpeg-turbo enhancement resolvesCVE-2021-20227, correcting critical buffer overflow issues and improving overall safety.. libwebp security update, SUSE Linux patch, memory vulnerability fix. . Severity: Important. LinuxSecurity.com Team

Calendar%202 May 21, 2025 Important SuSE
89

Fedora 37: FEDORA-2023-e692a72898 Moderate: Out-Of-Bounds Write in libwebp

Backport fix for CVE-2023-5129. ---- Update to 1.3.2.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-e692a72898 2023-10-14 01:26:08.208280 -------------------------------------------------------------------------------- Name : libwebp Product : Fedora 37 Version : 1.3.2 Release : 2.fc37 URL : https://www.webmproject.org/ Summary : Library and tools for the WebP graphics format Description : WebP is an image format that does lossy compression of digital photographic images. WebP consists of a codec based on VP8, and a container based on RIFF. Webmasters, web developers and browser developers can use WebP to compress, archive and distribute digital images more efficiently. -------------------------------------------------------------------------------- Update Information: Backport fix for CVE-2023-5129. ---- Update to 1.3.2. -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 28 2023 Sandro Mani - 1.3.2-2 - Backport upstream fix for CVE-2023-5129 * Mon Sep 18 2023 Sandro Mani - 1.3.2-1 - Update to 1.3.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2239217 - libwebp-1.3.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2239217 [ 2 ] Bug #2241121 - CVE-2023-5129 libwebp: out-of-bounds write with a specially crafted WebP lossless file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2241121 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-e692a72898' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keysused by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Fedora 37 libwebp has been upgraded to version 1.3.2 in order to resolve the vulnerability concern identified as CVE-2023-5129.. libwebp Update Fedora Security CVE Out-Of-Bounds. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Oct 14, 2023 Important Fedora
203

Mageia 2023-0282 Moderate: Libwebp Heap Overflow Advisory

Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. References: . MGASA-2023-0282 - Updated libwebp packages fix a security vulnerability Publication date: 03 Oct 2023 URL: https://advisories.mageia.org/MGASA-2023-0282.html Type: security Affected Mageia releases: 8, 9 CVE: CVE-2023-4863 Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. References: - https://bugs.mageia.org/show_bug.cgi?id=32280 - https://www.cve.org/CVERecord?id=CVE-2023-4863 - https://www.cve.org/CVERecord?id=CVE-2023-4863 SRPMS: - 9/core/libwebp-1.3.0-2.1.mga9 - 8/core/libwebp-1.1.0-2.2.mga8 . Mageia 2023-0283 upgrades openssl to address critical vulnerabilities, improving encryption protocols for safer online transactions.. Heap Overflow, Libwebp Security, Mageia Update, Remote Code Execution, Google Chrome. . LinuxSecurity.com Team

Calendar%202 Oct 03, 2023 Mageia
89

Fedora 39: 2023-1234abcd56 High: libjpeg Security Flaw Detected

Backport fix for CVE-2023-5129.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-9108cda47c 2023-10-03 00:16:47.391245 -------------------------------------------------------------------------------- Name : libwebp Product : Fedora 39 Version : 1.3.2 Release : 2.fc39 URL : https://www.webmproject.org/ Summary : Library and tools for the WebP graphics format Description : WebP is an image format that does lossy compression of digital photographic images. WebP consists of a codec based on VP8, and a container based on RIFF. Webmasters, web developers and browser developers can use WebP to compress, archive and distribute digital images more efficiently. -------------------------------------------------------------------------------- Update Information: Backport fix for CVE-2023-5129. -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 28 2023 Sandro Mani - 1.3.2-2 - Backport upstream fix for CVE-2023-5129 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2241121 - CVE-2023-5129 libwebp: out-of-bounds write with a specially crafted WebP lossless file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2241121 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-9108cda47c' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Fedora 39's recent libwebp enhancement addresses CVE-2023-5129, greatly improving the safety of image handling.. libwebp Update, Fedora Security, CVE-2023-5129 Fix. . LinuxSecurity.com Team

Calendar%202 Oct 03, 2023 Fedora
89

Fedora 38 FEDORA-2023-2a0668fe43 Moderate: libwebp Out-Of-Bounds Write

Backport fix for CVE-2023-5129.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-2a0668fe43 2023-09-30 03:34:08.918361 -------------------------------------------------------------------------------- Name : libwebp Product : Fedora 38 Version : 1.3.2 Release : 2.fc38 URL : https://www.webmproject.org/ Summary : Library and tools for the WebP graphics format Description : WebP is an image format that does lossy compression of digital photographic images. WebP consists of a codec based on VP8, and a container based on RIFF. Webmasters, web developers and browser developers can use WebP to compress, archive and distribute digital images more efficiently. -------------------------------------------------------------------------------- Update Information: Backport fix for CVE-2023-5129. -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 28 2023 Sandro Mani - 1.3.2-2 - Backport upstream fix for CVE-2023-5129 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2241121 - CVE-2023-5129 libwebp: out-of-bounds write with a specially crafted WebP lossless file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2241121 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-2a0668fe43' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Fedora 38 has released an update to rectify an out-of-bounds write vulnerability found in libwebp, fortifying defenses against possible security risks.. libwebp Update,Fedora Security Patch,CVE-2023-5129 Fix. . LinuxSecurity.com Team

Calendar%202 Sep 30, 2023 Fedora
172

Ubuntu 18.04 LTS USN-6369-2 Moderate: Libwebp Denial Of Service

libwebp could be made to crash or run programs if it opened a specially crafted file.. ========================================================================== Ubuntu Security Notice USN-6369-2 September 28, 2023 libwebp vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS (Available with Ubuntu Pro) Summary: libwebp could be made to crash or run programs if it opened a specially crafted file. Software Description: - libwebp: Lossy compression of digital photographic images. Details: USN-6369-1 fixed a vulnerability in libwebp. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: It was discovered that libwebp incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause libwebp to crash, resulting in a denial of service, or possibly execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS (Available with Ubuntu Pro): libwebp6 0.6.1-2ubuntu0.18.04.2+esm1 libwebpdemux2 0.6.1-2ubuntu0.18.04.2+esm1 libwebpmux3 0.6.1-2ubuntu0.18.04.2+esm1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6369-2 https://ubuntu.com/security/notices/USN-6369-1 CVE-2023-4863 . Ubuntu 18.04 LTS contains a vulnerability in libwebp that may result in system crashes or the potential for remote code execution. Updating is advised.. libwebp vulnerability, denial of service fix, ubuntu security notice. . LinuxSecurity.com Team

Calendar%202 Sep 28, 2023 Ubuntu
202

openSUSE 15.4: SUSE-SU-2023:4830-1 Critical: libjpeg Buffer Overflow

This update for libwebp fixes the following issues: CVE-2023-4863: Fixed heap buffer overflow (bsc#1215231).. # Security update for libwebp Announcement ID: SUSE-SU-2023:3829-1 Rating: critical References: * #1215231 Cross-References: * CVE-2023-4863 CVSS scores: * CVE-2023-4863 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-4863 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE CaaS Platform 4.0 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP4 * SUSE Linux Enterprise Workstation Extension 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP4 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for libwebp fixes the following issues: * CVE-2023-4863: Fixed heap buffer overflow (bsc#1215231). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run thecommand listed for your product: * openSUSE Leap 15.4 zypper in -t patch openSUSE-SLE-15.4-2023-3829=1 * SUSE Package Hub 15 15-SP4 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-3829=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-3829=1 * SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-3829=1 * SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-3829=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-3829=1 * SUSE Linux Enterprise Workstation Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2023-3829=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2023-3829=1 * SUSE CaaS Platform 4.0 To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * libwebpdecoder2-debuginfo-0.5.0-150000.3.14.1 * libwebpdecoder2-0.5.0-150000.3.14.1 * libwebpmux2-0.5.0-150000.3.14.1 * libwebpextras0-0.5.0-150000.3.14.1 * libwebp6-0.5.0-150000.3.14.1 * libwebpmux2-debuginfo-0.5.0-150000.3.14.1 * libwebp6-debuginfo-0.5.0-150000.3.14.1 * libwebpextras0-debuginfo-0.5.0-150000.3.14.1 * openSUSE Leap 15.4 (x86_64) * libwebp6-32bit-0.5.0-150000.3.14.1 * libwebpextras0-32bit-0.5.0-150000.3.14.1 * libwebpdecoder2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebp6-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpextras0-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpdecoder2-32bit-0.5.0-150000.3.14.1 * libwebpmux2-32bit-debuginfo-0.5.0-150000.3.14.1 *libwebpmux2-32bit-0.5.0-150000.3.14.1 * SUSE Package Hub 15 15-SP4 (x86_64) * libwebp6-32bit-0.5.0-150000.3.14.1 * libwebp-debugsource-0.5.0-150000.3.14.1 * libwebp6-32bit-debuginfo-0.5.0-150000.3.14.1 * SUSE Package Hub 15 15-SP5 (x86_64) * libwebp6-32bit-0.5.0-150000.3.14.1 * libwebp6-32bit-debuginfo-0.5.0-150000.3.14.1 * SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (aarch64 x86_64) * libwebpdecoder2-debuginfo-0.5.0-150000.3.14.1 * libwebpdecoder2-0.5.0-150000.3.14.1 * libwebp6-debuginfo-0.5.0-150000.3.14.1 * libwebpmux2-0.5.0-150000.3.14.1 * libwebpextras0-0.5.0-150000.3.14.1 * libwebp6-0.5.0-150000.3.14.1 * libwebpmux2-debuginfo-0.5.0-150000.3.14.1 * libwebp-debugsource-0.5.0-150000.3.14.1 * libwebpdemux2-0.5.0-150000.3.14.1 * libwebpdemux2-debuginfo-0.5.0-150000.3.14.1 * libwebp-devel-0.5.0-150000.3.14.1 * libwebpextras0-debuginfo-0.5.0-150000.3.14.1 * SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (x86_64) * libwebp6-32bit-0.5.0-150000.3.14.1 * libwebpdemux2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpextras0-32bit-0.5.0-150000.3.14.1 * libwebpdecoder2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpdemux2-32bit-0.5.0-150000.3.14.1 * libwebp6-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpextras0-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpdecoder2-32bit-0.5.0-150000.3.14.1 * libwebpmux2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpmux2-32bit-0.5.0-150000.3.14.1 * SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (aarch64 ppc64le s390x x86_64) * libwebpdecoder2-debuginfo-0.5.0-150000.3.14.1 * libwebpdecoder2-0.5.0-150000.3.14.1 * libwebp6-debuginfo-0.5.0-150000.3.14.1 * libwebpmux2-0.5.0-150000.3.14.1 * libwebpextras0-0.5.0-150000.3.14.1 * libwebp6-0.5.0-150000.3.14.1 * libwebpmux2-debuginfo-0.5.0-150000.3.14.1 * libwebp-debugsource-0.5.0-150000.3.14.1 * libwebpdemux2-0.5.0-150000.3.14.1 *libwebpdemux2-debuginfo-0.5.0-150000.3.14.1 * libwebp-devel-0.5.0-150000.3.14.1 * libwebpextras0-debuginfo-0.5.0-150000.3.14.1 * SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (x86_64) * libwebp6-32bit-0.5.0-150000.3.14.1 * libwebpdemux2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpextras0-32bit-0.5.0-150000.3.14.1 * libwebpdecoder2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpdemux2-32bit-0.5.0-150000.3.14.1 * libwebp6-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpextras0-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpdecoder2-32bit-0.5.0-150000.3.14.1 * libwebpmux2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpmux2-32bit-0.5.0-150000.3.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 (ppc64le x86_64) * libwebpdecoder2-debuginfo-0.5.0-150000.3.14.1 * libwebpdecoder2-0.5.0-150000.3.14.1 * libwebp6-debuginfo-0.5.0-150000.3.14.1 * libwebpmux2-0.5.0-150000.3.14.1 * libwebpextras0-0.5.0-150000.3.14.1 * libwebp6-0.5.0-150000.3.14.1 * libwebpmux2-debuginfo-0.5.0-150000.3.14.1 * libwebp-debugsource-0.5.0-150000.3.14.1 * libwebpdemux2-0.5.0-150000.3.14.1 * libwebpdemux2-debuginfo-0.5.0-150000.3.14.1 * libwebp-devel-0.5.0-150000.3.14.1 * libwebpextras0-debuginfo-0.5.0-150000.3.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 (x86_64) * libwebp6-32bit-0.5.0-150000.3.14.1 * libwebpdemux2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpextras0-32bit-0.5.0-150000.3.14.1 * libwebpdecoder2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpdemux2-32bit-0.5.0-150000.3.14.1 * libwebp6-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpextras0-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpdecoder2-32bit-0.5.0-150000.3.14.1 * libwebpmux2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpmux2-32bit-0.5.0-150000.3.14.1 * SUSE Linux Enterprise Workstation Extension 15 SP4 (x86_64) * libwebp6-debuginfo-0.5.0-150000.3.14.1 * libwebp6-0.5.0-150000.3.14.1 *libwebp-debugsource-0.5.0-150000.3.14.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * libwebp6-debuginfo-0.5.0-150000.3.14.1 * libwebp6-0.5.0-150000.3.14.1 * libwebp-debugsource-0.5.0-150000.3.14.1 * SUSE CaaS Platform 4.0 (x86_64) * libwebp6-32bit-0.5.0-150000.3.14.1 * libwebp6-0.5.0-150000.3.14.1 * libwebp6-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebp-debugsource-0.5.0-150000.3.14.1 * libwebpdecoder2-32bit-0.5.0-150000.3.14.1 * libwebpextras0-debuginfo-0.5.0-150000.3.14.1 * libwebpextras0-32bit-0.5.0-150000.3.14.1 * libwebp-devel-0.5.0-150000.3.14.1 * libwebpmux2-debuginfo-0.5.0-150000.3.14.1 * libwebpdemux2-debuginfo-0.5.0-150000.3.14.1 * libwebpdecoder2-debuginfo-0.5.0-150000.3.14.1 * libwebpdemux2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpdecoder2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpdemux2-32bit-0.5.0-150000.3.14.1 * libwebpmux2-0.5.0-150000.3.14.1 * libwebpextras0-0.5.0-150000.3.14.1 * libwebpextras0-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpmux2-32bit-debuginfo-0.5.0-150000.3.14.1 * libwebpdecoder2-0.5.0-150000.3.14.1 * libwebpdemux2-0.5.0-150000.3.14.1 * libwebp6-debuginfo-0.5.0-150000.3.14.1 * libwebpmux2-32bit-0.5.0-150000.3.14.1 ## References: * https://www.suse.com/security/cve/CVE-2023-4863.html * https://bugzilla.suse.com/show_bug.cgi?id=1215231 . Implement essential patch for libwebp to address severe buffer overflow vulnerabilities on openSUSE platforms, bolstering overall security integrity.. Libwebp Update,SUSE Security Advisory,Critical Bug Fix,OpenSUSE Security. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Sep 27, 2023 Critical OpenSUSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200