Release date:
2026-05-05 09:26:34 UTC
Description:
- CVE-2018-25009: fix out-of-bounds read in GetLE16() by validating VP8X
chunk size
- CVE-2018-25010: fix heap-based buffer overflow in ApplyFilter() by
limiting filter radius to image dimensions
- CVE-2018-25011: fix heap-based buffer overflow in PutLE16() by
rejecting multiple image chunks in ANMF frames
- CVE-2018-25012: fix out-of-bounds read in GetLE24() by validating VP8X
chunk size
- CVE-2018-25013: fix heap-based buffer overflow in ShiftBytes() by
synchronizing threads in DecodeRemaining
- CVE-2018-25014: fix use of uninitialized value in ReadSymbol() by
validating decoder readiness and synchronizing threads
Updated packages:
-
libwebp-0.4.3-3.el6.tuxcare.els4.i686.rpm
sha:86de3bbf33ab84d6588ae55c0e0660c05dff8550d4b978be613e57917cf19bd5
-
libwebp-0.4.3-3.el6.tuxcare.els4.x86_64.rpm
sha:f811b54ecc8eee06cc0411547423aeb0c1978c29c7243240db275fe5dd72df45
-
libwebp-devel-0.4.3-3.el6.tuxcare.els4.i686.rpm
sha:155830d97735f9e1098bb8dc1077aa011bdf94591ecc2da1186be304f6e37430
-
libwebp-devel-0.4.3-3.el6.tuxcare.els4.x86_64.rpm
sha:795058c42df87f59d2722068c45978a833faea6410d921aa07f5ad0fd9dab58a
-
libwebp-java-0.4.3-3.el6.tuxcare.els4.x86_64.rpm
sha:253afb63a39b655c9dc237c9c729127e885398674ba257663a3d992a2d5ca2a7
-
libwebp-tools-0.4.3-3.el6.tuxcare.els4.x86_64.rpm
sha:6db5b747cd8d6826ffd018da68f243f5e57f9f8a043efdad8d7ec82ba0f8cc18
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
