Debian 10261 Published by

A libwebp security update has been released for Debian GNU/Linux 8 Extended LTS to address several security vulnerabilities.



ELA-423-1 libwebp security update

Package libwebp
Version 0.4.1-1.2+deb8u1
Related CVEs CVE-2018-25009 CVE-2018-25010 CVE-2018-25011 CVE-2018-25012 CVE-2018-25013 CVE-2018-25014 CVE-2020-36328 CVE-2020-36329 CVE-2020-36330 CVE-2020-36331

Several security vulnerabilities were discovered in libwebp, a lossy compression library for digital photographic images. Heap-based buffer overflows may lead to a denial-of-service or potentially the execution of arbitrary code.

For Debian 8 jessie, these problems have been fixed in version 0.4.1-1.2+deb8u1.

We recommend that you upgrade your libwebp packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/

  ELA-423-1 libwebp security update