• [SECURITY] [DSA 5497-2] libwebp security update

    From Moritz Muehlenhoff@21:1/5 to All on Sun Sep 17 17:40:01 2023
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5497-2 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff September 17, 2023 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : libwebp
    CVE ID : CVE-2023-4863

    A buffer overflow in parsing WebP images may result in the execution of arbitrary code.

    For the oldstable distribution (bullseye), this problem has been fixed in version 0.6.1-2.1+deb11u2.

    We recommend that you upgrade your libwebp packages.

    For the detailed security status of libwebp please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/libwebp

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmUHGqwACgkQEMKTtsN8 TjbjJg/8D6kWp8jPOWah87ULZ4P14ehOQ98a1IUoQ2hyiLx+qrmAXkKNQE/pzSjn CFhXgXq/ILf8ux7bB9MzA3gr3nVukVoh6BDw6swuZTPUL21/35tKwTRQQFOq3DHy uPrEYt6Zxt56s4Cf2977ciTJkw9Xbe0KstsL/0DSteFJ39xckA57WeGXzPoRyXf5 RPPCbuA3WDAJcBIsNzXVGern0YNTk0uqOlk+yMVmazPbKMGr0ZoBUvT4VktHia9A 1j6UuEFcGXjAHkdiKHYKUCEZVWLwOHRot0z5j5fRY2uTJA47DnIeNqJTSyvc/uaL Wjf7Qe2ivl0L4N+MdnI1AlQ5YkdEgry+mzkzs4ZqJs/zkQFxa0mq7t3npZNY5tL2 YyA9dA5Yj1sicCCj4igGYMEFetQphl+EbUNPyDiL8P2ONekHdy+fHXewNQAjMO5N V4Q9nUbU/tWCdMGLNP0QV9LDBYp5T3SQVszJh/vZywjYlDOaBr6M9ILI+Xe/XqSE oKg/QOq99CSulDJbUWBg/VGOxferdmJOxZJhH5/Gjy6gFPD98wo27xVqV2rYuHcf 17trHMSFUWEnuD0HXyeCdn2b1MUCA6x+lMcYwfi6ugxIxjAzw70z4QLYApOkDjdN aPIzwX7REgNabyyDqzxoacXs6BdYpivpo314MDnQC0rnsorX9uw=
    =i6o4
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)