SUSE-SU-2021:1830-1 -- SLES libwebp| ID: oval:org.secpod.oval:def:89044362 | Date: (C)2021-06-18 (M)2023-03-08 |
| Class: PATCH | Family: unix |
This update for libwebp fixes the following issues: - CVE-2018-25010: Fixed heap-based buffer overflow in ApplyFilter . - CVE-2020-36330: Fixed heap-based buffer overflow in ChunkVerifyAndAssign . - CVE-2020-36332: Fixed extreme memory allocation when reading a file . - CVE-2020-36329: Fixed use-after-free in EmitFancyRGB . - CVE-2018-25012: Fixed heap-based buffer overflow in GetLE24 . - CVE-2018-25013: Fixed heap-based buffer overflow in ShiftBytes . - CVE-2020-36331: Fixed heap-based buffer overflow in ChunkAssignData . - CVE-2018-25009: Fixed heap-based buffer overflow in GetLE16 . - CVE-2018-25011: Fixed fail on multiple image chunks .
| Platform: |
| SUSE Linux Enterprise Server 12 SP3 |
| SUSE Linux Enterprise Server 12 SP2 |
| SUSE Linux Enterprise Server 12 SP5 |
| SUSE Linux Enterprise Server 12 SP4 |
