Control: severity -1 wishlist

On 2021-03-16 09:27:12 +0000, Laurence Parry wrote:
> Tags: fixed-upstream
>
> Using webp-dev on buster with test file bug.c from the second bug
> mentioned above compiled with -lwebp, malloc reported: "free():
> corrupted unsorted chunks" within WebPIDelete().
>
> This suggests to me that the bug may be exploitable on systems with
> libwebp6 installed - of which there are far more than when this
> package was introduced.
> https://qa.debian.org/popcon-graph.php?packages=libwebp-dev+libwebp6+libwebpmux3+libwebpdemux2+webp&show_installed=on&want_legend=on&want_ticks=on&from_date=2016-03-01&date_fmt=%25Y-%25m&beenhere=1
>
> As such, I've raised the priority. I don't know which packages use
> libwebp6 in threaded mode, but a change in this may not be noted in
> changelogs anyway.
>
> As the maintainer appears inactive, I request assistance from the
> security team to address this issue.

Fixes for the security issues have been uploaded. Reducing the severity
of this bug back to wishlist as this is now a "please package new
upstream release" bug report.

Cheers

>
> Best regards,
> --
> Laurence "GreenReaper" Parry - Inkbunny administrator
> https://www.greenreaper.co.uk/ - https://inkbunny.net/

--
Sebastian Ramacher