fresco icon indicating copy to clipboard operation
fresco copied to clipboard

Published 20 hours ago verified publisher icon facebook

Fresco uses libjpeg-turbo 1.5.3 to have CVE-2020-17541 and CVE-2018-14498 vulnerabilities. Is there a repair plan?

Open Aiyuan-h opened this issue 3 years ago • 3 comments

Description

libjpeg-turbo 1.5.3 has CVE-2020-17541 and CVE-2018-14498 vulnerabilities. I tested the version of libjpeg-turbo 2.1.0 and the vulnerability has been resolved. Can fresco be able to upgrade the version of libjpeg?

Solution

https://github.com/libjpeg-turbo/libjpeg-turbo

Aiyuan-h avatar Jul 14 '21 02:07 Aiyuan-h

Second

erich04 avatar Jul 21 '21 10:07 erich04

Hey there, it looks like there has been no activity on this issue recently. Has the issue been fixed, or does it still require the community's attention? This issue may be closed if no further activity occurs. You may also label this issue as "bug" or "enhancement" and I will leave it open. Thank you for your contributions.

stale[bot] avatar Jan 09 '22 04:01 stale[bot]

Duplicates https://github.com/facebook/fresco/issues/2482

Mezzle avatar Jun 28 '22 12:06 Mezzle