[Bug 273766] graphics/webp: critical vulnerability (affects browsers)

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 273766] www/firefox < 117.0 and mail/thunderbird < 102.15.0 have critical security vuln"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 21 Sep 2023 09:33:34 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=273766

--- Comment #13 from commit-hook@FreeBSD.org ---
A commit in branch main references this bug:

URL:
https://cgit.FreeBSD.org/ports/commit/?id=57055cf99dd10c2029360eab869ecf0ba88e72ad

commit 57055cf99dd10c2029360eab869ecf0ba88e72ad
Author:     Ronald Klop <ronald@FreeBSD.org>
AuthorDate: 2023-09-21 09:31:22 +0000
Commit:     Ronald Klop <ronald@FreeBSD.org>
CommitDate: 2023-09-21 09:31:22 +0000

    security/vuxml: add graphics/webp heap buffer overflow

    graphics/webp was updated to 1.3.2

    PR:             273766
    Security:       CVE-2023-4863

 security/vuxml/vuln/2023.xml | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

-- 
You are receiving this mail because:
You are on the CC list for the bug.