openSUSE-SU-2023:0388-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2023:0388-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2023:0388-1
Related
Published
2023-12-02T17:00:59Z
Modified
2025-05-07T18:15:12.615160Z
Upstream
Summary
Security update for optipng
Details

This update for optipng fixes the following issues:

Update to 0.7.8:

  • CVE-2023-43907: Fixed a global-buffer-overflow vulnerability in the GIF reader (boo#1215937).
  • Fixed a stack-print-after-scope defect in the error handler.
  • Fixed an assertion failure in the image reduction module.
  • Fixed the command-line wildargs expansion in the Windows port.
  • Refactored the structured exception handling.
References

Affected packages

SUSE:Package Hub 15 SP4 / optipng

Package

Name
optipng
Purl
pkg:rpm/suse/optipng&distro=SUSE%20Package%20Hub%2015%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7.8-bp154.3.5.1

Ecosystem specific 

{
    "binaries": [
        {
            "optipng": "0.7.8-bp154.3.5.1"
        }
    ]
}

openSUSE:Leap 15.4 / optipng

Package

Name
optipng
Purl
pkg:rpm/opensuse/optipng&distro=openSUSE%20Leap%2015.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7.8-bp154.3.5.1

Ecosystem specific 

{
    "binaries": [
        {
            "optipng": "0.7.8-bp154.3.5.1"
        }
    ]
}