Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: cherry-pick b2eab7500a18 from chromium #39825

Merged
merged 2 commits into from Sep 12, 2023
Merged

chore: cherry-pick b2eab7500a18 from chromium #39825

merged 2 commits into from Sep 12, 2023

Conversation

MarshallOfSound
Copy link
Member

Roll src/third_party/libwebp/src/ 6a319d4da..4619a48fc (1 commit)

https://chromium.googlesource.com/webm/libwebp.git/+log/6a319d4da395..4619a48fc329

$ git log 6a319d4da..4619a48fc --date=short --no-merges --format='%ad %ae %s'
2023-09-07 vrabaud Fix OOB write in BuildHuffmanTable.

Created with:
roll-dep src/third_party/libwebp/src

Bug: 1479274
Change-Id: I0de56a278cfc64467d092ea0213bdf957b227ce1
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4853057
Commit-Queue: James Zern jzern@google.com
Reviewed-by: Urvang Joshi urvang@chromium.org
Cr-Commit-Position: refs/branch-heads/5845@{#1779}
Cr-Branched-From: 5a5dff63a4a4c63b9b18589819bebb2566c85443-refs/heads/main@{#1160321}

Notes: Security: backported fix for CVE-2023-4863.

@MarshallOfSound MarshallOfSound requested a review from a team as a code owner September 12, 2023 09:58
@MarshallOfSound MarshallOfSound added security 🔒 semver/patch backwards-compatible bug fixes backport-check-skip Skip trop's backport validity checking 25-x-y labels Sep 12, 2023
@electron-cation electron-cation bot added new-pr 🌱 PR opened in the last 24 hours and removed new-pr 🌱 PR opened in the last 24 hours labels Sep 12, 2023
@ppontes
Copy link
Member

ppontes commented Sep 12, 2023

Aren't the DEPS files processed before patches are applied?

@jkleinsc
Copy link
Contributor

@ppontes good point. I'll cherry-pick the fix and update the patches.

@MarshallOfSound MarshallOfSound merged commit dc3ce65 into 25-x-y Sep 12, 2023
13 checks passed
@MarshallOfSound MarshallOfSound deleted the cherry-pick/25-x-y/chromium/b2eab7500a18 branch September 12, 2023 18:44
@release-clerk
Copy link

release-clerk bot commented Sep 12, 2023

Release Notes Persisted

Security: backported fix for CVE-2023-4863.

@mfhepp mfhepp mentioned this pull request Sep 29, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@codebytere codebytere codebytere approved these changes

@ppontes ppontes ppontes approved these changes

Assignees
No one assigned
Labels
25-x-y backport-check-skip Skip trop's backport validity checking security 🔒 semver/patch backwards-compatible bug fixes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@MarshallOfSound @ppontes @jkleinsc @codebytere