** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libwebp in Ubuntu. https://bugs.launchpad.net/bugs/2035220
Title: cve-2023-4863 Status in chromium-browser package in Ubuntu: New Status in libwebp package in Ubuntu: New Status in chromium package in Debian: New Status in libwebp package in Debian: New Bug description: [$NA][1479274] Critical CVE-2023-4863: Heap buffer overflow in WebP. Reported by Apple Security Engineering and Architecture (SEAR) and The Citizen Lab at The University of Torontoʼs Munk School on 2023-09-06 https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html high profile remote vulnerability themusicgod1@eva1:~$ apt-cache policy chromium-browser chromium-browser: Installed: 1:85.0.4183.83-0ubuntu2.22.04.1 Candidate: 1:85.0.4183.83-0ubuntu2.22.04.1 Version table: current available snap: chromium 116.0.5845.179 fix is in: chromium 116.0.5845.187 ubuntu: 22.04.3 LTS jammy ProblemType: Bug DistroRelease: Ubuntu 22.04 Package: chromium-browser 1:85.0.4183.83-0ubuntu2.22.04.1 ProcVersionSignature: Ubuntu 6.2.0-26.26~22.04.1-generic 6.2.13 Uname: Linux 6.2.0-26-generic x86_64 ApportVersion: 2.20.11-0ubuntu82.5 Architecture: amd64 CasperMD5CheckResult: unknown CurrentDesktop: ubuntu:GNOME Date: Tue Sep 12 08:38:06 2023 DiskUsage: Filesystem Type Size Used Avail Use% Mounted on /dev/sda2 ext4 228G 162G 55G 75% / tmpfs tmpfs 3.9G 66M 3.8G 2% /dev/shm /dev/sda2 ext4 228G 162G 55G 75% / InstallationDate: Installed on 2017-04-18 (2337 days ago) InstallationMedia: Ubuntu 17.04 "Zesty Zapus" - Release amd64 (20170412) MachineType: MSI MS-7994 ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-6.2.0-26-generic root=UUID=333c5e4f-3f61-4abf-b950-f19431c843d6 ro text Snap.Changes: no changes found Snap.ChromeDriverVersion: ChromeDriver 116.0.5845.179 (17ff023f3eb4f6883321db9399bfc65560ef84a9-refs/branch-heads/5845@{#1745}) Snap.ChromiumVersion: Chromium 116.0.5845.179 snap SourcePackage: chromium-browser UpgradeStatus: Upgraded to jammy on 2023-06-14 (89 days ago) dmi.bios.date: 12/16/2016 dmi.bios.release: 5.12 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: 5.80 dmi.board.asset.tag: Default string dmi.board.name: H110M GAMING (MS-7994) dmi.board.vendor: MSI dmi.board.version: 1.0 dmi.chassis.asset.tag: Default string dmi.chassis.type: 3 dmi.chassis.vendor: MSI dmi.chassis.version: 1.0 dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr5.80:bd12/16/2016:br5.12:svnMSI:pnMS-7994:pvr1.0:rvnMSI:rnH110MGAMING(MS-7994):rvr1.0:cvnMSI:ct3:cvr1.0:skuDefaultstring: dmi.product.family: Default string dmi.product.name: MS-7994 dmi.product.sku: Default string dmi.product.version: 1.0 dmi.sys.vendor: MSI mtime.conffile..etc.apport.crashdb.conf: 2020-06-07T21:16:26.397404 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/2035220/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
