webp-imageio icon indicating copy to clipboard operation
webp-imageio copied to clipboard
verified publisher icon sejda-pdf

Update libwebp CVE-2023-1999

Open fdaugan opened this issue 2 years ago • 2 comments

Your package points to an old ref of libwebp related to CVE-2023-1999 Could you update it?

fdaugan avatar Sep 15 '23 09:09 fdaugan

Seeing this library (and none of its forks) are not maintained anymore, I started some time ago maintaining a fork of it. The most recent release v0.5.0 ships with binaries built from v1.3.2 of libwebp (which shouldn't be affected neither by CVE-2023-1999 nor a more recent one CVE-2023-4863)

In case someone wants to try it out, the binaries are available on maven central, sources can be found on Github: https://github.com/usefulness/webp-imageio

mateuszkwiecinski avatar Sep 29 '23 20:09 mateuszkwiecinski

I'm looking to generate dynamic libraries (mac and linux) for libwebp to use as shared libraries in my project. Could someone please provide a concise step-by-step guide or tips on achieving this?

rohanmaheshh avatar Oct 12 '23 08:10 rohanmaheshh