Thank you for reporting this issue. Have you reported this to the upstream libwebp developers? If not, we encourage you to report it (you can do so here: https://bugs.chromium.org/p/webp/issues/list) and keep us in the loop if possible. Thank you
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to libwebp in Ubuntu. https://bugs.launchpad.net/bugs/1919977 Title: heap-buffer-overflow in old libwebp Status in libwebp package in Ubuntu: New Bug description: I found an overflow error when testing the security of ImageMagick on ubuntu20.02. The error exists in the libwebp library, and the old version is used in the system source. When ImageMagick calls the libwebp library to parse the webp file, an overflow occurs. system info: Distributor ID: Ubuntu Description: Ubuntu 20.04.2 LTS Release: 20.04 Codename: focal Edith by issues:https://github.com/ImageMagick/ImageMagick/issues/3403 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libwebp/+bug/1919977/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
