-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3570-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 18, 2023 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : libwebp Version : 0.6.1-2+deb10u3 CVE ID : CVE-2023-4863 A buffer overflow in parsing WebP images may result in the execution of arbitrary code. For Debian 10 buster, this problem has been fixed in version 0.6.1-2+deb10u3. We recommend that you upgrade your libwebp packages. For the detailed security status of libwebp please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libwebp Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmUIPWMACgkQnUbEiOQ2 gwJSYg//dPLbV1YipC9oXXVYzWIwRy6Im3cygpoBxIALg4n/MbpR5n7x7tXPRiCf pKZaIyzlUl1BpIFL1iHU3yXC+KOtYf0zwAaXfjGt7WjOXnkvDIZ0XuDXkc8yZp7W hTWYtfEDaPyDzPG2IiZpKg03mmhVkSTLKyw004jQ5Hy++nAc4iWHZbLIeoVjnmPH H/2xX6sfuPamchZ4zNKISkjL9ToXI1dfwXGNfP6mV5HB5I/uwvImDDuaq3/lkvTp iTRW6Lx+cDP3ixbm6+b/sqoHVw5hy8cxhzY7NL5sFzG22nsJ/DZMI9UVOu66ksrK 1ccxnpdjiTCJOksENmKnfL2OvSZVXVASuWlQcPYxWe9MtFZc2d9Gt/ukJ9QuqgJt oDiMNKa4QCa4+8EnmPh47GocTA/D4/UrjbqDqRlyDQXr7uiK1tq60r4JoL9IUEkj JIHEwHwPLEr16v9vlF/9wEM8PEYxpxmZaErlD/MCeEtxrKoJVLCY28hPGF5iYtNn LEsy+HHG9Y0/zzLShEe+dWNS3aWUSYdcEl+gu1Uf2RonfKf1CzMQDO4SLbldMnId RTOjC0ULPICxwMRPrw5Wj+FgSD3yswGwwKMsz0xyuBuRRlfE5K/uaO2hYjG1LwId iaNsa8leNrTk7JSeygZ0F24HpsPgsFL/tQXHeLAao0pbWdEqs4c= =VgF4 -----END PGP SIGNATURE-----