this post was submitted on 26 Sep 2023
17 points (100.0% liked)
General Lemmy.Cafe
210 readers
1 users here now
General site
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Where did you find a changelog for pict-rs? I can't find anywhere that lists details on 0.4.3, there don't seem to have been release notes published.
I don't think there's a fix for cve-2023-4863 in here. https://git.asonix.dog/asonix/pict-rs/commits/tag/v0.4.3
https://git.asonix.dog/asonix/pict-rs/releases/tag/v0.4.3
I think the fix was in libwebp, which got pulled with the rebuild of the image.
Thanks!