Information on source package libwebp

Available versions

ReleaseVersion
stretch0.5.2-1
stretch (security)0.5.2-1+deb9u1
buster0.6.1-2+deb10u1
bullseye0.6.1-2.1
sid0.6.1-2.1

Open issues

BugstretchbusterbullseyesidDescription
CVE-2020-36332vulnerable (no DSA, ignored)fixedfixedfixedA flaw was found in libwebp in versions before 1.0.1. When reading a f ...
CVE-2018-25012fixedvulnerablefixedfixedA flaw was found in libwebp in versions before 1.0.1. An out-of-bounds ...

Open unimportant issues

BugstretchbusterbullseyesidDescription
CVE-2016-9085vulnerablevulnerablevulnerablevulnerableMultiple integer overflows in libwebp allows attackers to have unspeci ...

Resolved issues

BugDescription
CVE-2020-36331A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds ...
CVE-2020-36330A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds ...
CVE-2020-36329A flaw was found in libwebp in versions before 1.0.1. A use-after-free ...
CVE-2020-36328A flaw was found in libwebp in versions before 1.0.1. A heap-based buf ...
CVE-2018-25014A flaw was found in libwebp in versions before 1.0.1. An unitialized v ...
CVE-2018-25013A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds ...
CVE-2018-25011A flaw was found in libwebp in versions before 1.0.1. A heap-based buf ...
CVE-2018-25010A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds ...
CVE-2018-25009A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds ...
CVE-2016-9969In libwebp 0.5.1, there is a double free bug in libwebpmux. ...
CVE-2012-5127Integer overflow in Google Chrome before 23.0.1271.64 allows remote at ...

Security announcements

DSA / DLADescription
DSA-4930-1libwebp - security update
DLA-2677-1libwebp - security update

Search for package or bug name: Reporting problems