CVE-2016-9085

Priority
Description
Multiple integer overflows in libwebp allows attackers to have unspecified
impact via unknown vectors.
Notes
mdeslaurissue is in file in examples directory, only used to build the
gif2webp tool in the webp binary package in universe.
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was not-affected [code not present])
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (code not present)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (code not present)
Ubuntu 18.04 LTS (Bionic Beaver):needed
Ubuntu 19.10 (Eoan Ermine):needed
Ubuntu 20.04 (Focal Fossa):needed
Patches:
Other:https://chromium.googlesource.com/webm/libwebp/+/e2affacc35f1df6cc3b1a9fa0ceff5ce2d0cce83
Binaries built from this source package are in universe and so are supported by the community. For more details see https://wiki.ubuntu.com/SecurityTeam/FAQ#Official_Support
More Information

Updated: 2020-01-29 18:31:11 UTC (commit 40f18bf14da5fb50662e1f861ea594a462b207fe)