[URGENT] Please update the webp plugin to 1.3.2
- https://github.com/webmproject/libwebp/blob/main/NEWS
- https://nvd.nist.gov/vuln/detail/CVE-2023-4863
I'm not sure whether XnView bundle the vpx plugin.
If so, please also update the vpx plugin to 1.13.1
- https://github.com/webmproject/libvpx/b ... /CHANGELOG
- https://nvd.nist.gov/vuln/detail/CVE-2023-5217
High-Severity Vulnerabilities Discovered in WebM Project’s Libraries
https://www.paloaltonetworks.com/blog/p ... libraries/
[URGENT] CVE-2023-4863 in libwebp below 1.3.2
Moderators: XnTriq, helmut, xnview, Dreamer
-
- Posts: 10
- Joined: Sat Jan 09, 2010 11:28 am
-
- Author of XnView
- Posts: 44470
- Joined: Mon Oct 13, 2003 7:31 am
- Location: France
-
- Posts: 10
- Joined: Sat Jan 09, 2010 11:28 am
Re: [URGENT] CVE-2023-4863 in libwebp below 1.3.2
Got the hot patch. Looking forward to the 1.6. Thank you.