Release date:
2026-05-05 23:41:05 UTC
Description:
- CVE-2018-25009: fix out-of-bounds read in GetLE16() by validating VP8X
chunk size
- CVE-2018-25010: fix heap-based buffer overflow in ApplyFilter() by
limiting filter radius to image dimensions
- CVE-2018-25011: fix heap-based buffer overflow in PutLE16() by
rejecting multiple image chunks in ANMF frames
- CVE-2018-25012: fix out-of-bounds read in GetLE24() by validating VP8X
chunk size
- CVE-2018-25013: fix heap-based buffer overflow in ShiftBytes() by
synchronizing threads in DecodeRemaining
- CVE-2018-25014: fix use of uninitialized value in ReadSymbol() by
validating decoder readiness and synchronizing threads
Updated packages:
-
libwebp-0.4.3-3.el6.tuxcare.els4.i686.rpm
sha:eb6a0fdbc7093f9425f69d6b5f2293e06c451b7e37688d1d89988bcd8d9cbaa6
-
libwebp-0.4.3-3.el6.tuxcare.els4.x86_64.rpm
sha:9bc0d2855d273bd54e63efbc9e89d0d36760545075ded75ba8327a458e73141d
-
libwebp-devel-0.4.3-3.el6.tuxcare.els4.i686.rpm
sha:42757cf6e941b2f7ac1e18cc40aac51269a46cfb8a1da4cc6f0b4d6e25ffaf83
-
libwebp-devel-0.4.3-3.el6.tuxcare.els4.x86_64.rpm
sha:6b8be2d703b370d90e14ed83d7e5a0c2cc4fc7a9d431e7669ff8da6413392c4d
-
libwebp-java-0.4.3-3.el6.tuxcare.els4.x86_64.rpm
sha:d6dcc0a62fb25967884389db2654a46ec11657b7e2eeb3142096a1f991e34d01
-
libwebp-tools-0.4.3-3.el6.tuxcare.els4.x86_64.rpm
sha:ce67280ffc6cb8050ade9a4d2ad36814bd2959c4fdfb40cdb0e7175dc70455ce
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
