You are not logged in. Please login or register.
 |
Please STOP WAR NOW! |
 |
For proper configuration and installation, please use the Configuration Wizard |
Versions: PHP ≤ 8.0 is EOL - PHP 8.1.28 - PHP 8.2.18 - PHP 8.2.19RC1 - PHP 8.3.6 - PHP 8.3.7RC1
More information: #remirepo IRC channel - Twitter: @RemiRepository - Discord server
Remi's RPM repository - Forum → User support → CVE-2023-4863 in libwebp7.x86_64-1.0.3-1.el7.remi
Hi All,
The version of libwebp installed with php8.0-gd (And possibly other versions) from remi-safe seems to be vulnerable for CVE-2023-4863(https://nvd.nist.gov/vuln/detail/CVE-2023-4863).
The affected version installed on our CentOs7 server is: libwebp7.x86_64-1.0.3-1.el7.remi
Are there any plans to patch libwebp?
If not, are there any other recommendations to mitigate this issue?
Thanks!
Fixed in libwebp7-1.0.3-2.el7.remi.x86_64
Please notice that EL-7 is close to its EOL in 9 months
I heartily recommend to upgrade ASAP to a more recent version
especially if you want modern features (such as PHP 8.x)
Awesome! Thanks for the quick response.
We are indeed moving away from CentOs7 and PHP<8.0.
Remi's RPM repository - Forum → User support → CVE-2023-4863 in libwebp7.x86_64-1.0.3-1.el7.remi
Generated in 0.005 seconds (61% PHP - 39% DB) with 9 queries
Powered by PunBB, supported by Informer Technologies, Inc.
Currently installed 2 official extensions. Copyright © 2003–2009 PunBB.