RHSA-2021:4231-01 -- Redhat libwebpID: oval:org.secpod.oval:def:506474 | Date: (C)2021-11-22 (M)2023-03-08 |
Class: PATCH | Family: unix |
The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photographic images. WebP consists of a codec based on the VP8 format, and a container based on the Resource Interchange File Format . Webmasters, web developers and browser developers can use WebP to compress, archive, and distribute digital images more efficiently. Security Fix: * libwebp: out-of-bounds read in WebPMuxCreateInternal * libwebp: out-of-bounds read in ApplyFilter * libwebp: out-of-bounds read in WebPMuxCreateInternal * libwebp: out-of-bounds read in ShiftBytes * libwebp: use of uninitialized value in ReadSymbol * libwebp: out-of-bounds read in ChunkVerifyAndAssign in mux/muxread.c * libwebp: out-of-bounds read in ChunkAssignData in mux/muxinternal.c * libwebp: excessive memory allocation when reading a file For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.
Platform: |
Red Hat Enterprise Linux 8 |