For example, the popular VLC media player also uses libvpx, as do other open source media players and video converters such as MPlayer or Handbrake. The next few days will show whether such a debacle will be repeated with the CVE-2023-5217 vulnerability in the libvpx program library. For example, Gimp, LibreOffice, Telegram, 1Password, and many others are potentially vulnerable. In the meantime, it has emerged that a large number of other programs whose developers use the WebP library may also affected. This program library is also used in Firefox, which released an emergency patch of its own. Vulnerability CVE-2023-4863 in the open-source libwebp program library can be exploited with crafted image files in WebP format. Google already provided an emergency update for Chrome in mid-September to close another critical 0-day vulnerability in the browser. Many open source projects use such standard libraries, some of which are also regarded as reference implementations. It supports the VP8 and VP9 video formats. Google subsequently released the software as open source. The libvpx program library was originally developed by On2 Technologies, a company specializing in video codecs, which Google acquired in 2010. In Thunderbird 115.3.1, the developers have fixed the 0-day vulnerability CVE-2023-5217 – and a few more bugs. For Tor Browser 12.5.6, the developers backported the corresponding security patch from Firefox ESR 115.3.1 to the old browser base, because Tor Browser 12.5.x is still based on Firefox ESR 102.15.Īlso on September 29, Mozilla subsidiary MZLA Technologies provided a security update for Thunderbird. On September 29, the Tor Project updated its browser to fix the 0-day vulnerability.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |