[Cin] CVE in libwebp

Andrew Randrianasulu randrianasulu at gmail.com
Fri Sep 15 17:31:21 CEST 2023

пт, 15 сент. 2023 г., 18:26 Phyllis Smith <phylsmith2017 at gmail.com>:

> libwebp is currently at version 1.1.0 for a reason:  it requires cmake 3.5
> and older versions of ubuntu as well as some other older O/S do not have
> that.  This is documented in the manual with the suggestion of users who
> want an upgrade will have to first upgrade cmake to 3.5.  BUT by now it may
> even require a later version of cmake (not sure).\

At least 1.2.4 (with this bug fixed) still contain autogen.sh/configure


so may be we can switch our build to this scheme ...

> On Fri, Sep 15, 2023 at 7:01 AM Andrew Randrianasulu <
> randrianasulu at gmail.com> wrote:
>> https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a
>> so far Slackware 15.0 bumped libwebp to 1.3.2
>> guess we ought to do the same?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.cinelerra-gg.org/pipermail/cin/attachments/20230915/8427ef26/attachment.htm>

More information about the Cin mailing list