Headline
CVE-2023-35790: Release v0.8.2 · libjxl/libjxl
An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2. An integer underflow in patch decoding can lead to a denial of service, such as an infinite loop.
Changed
- Security: Fix an integer underflow bug in patch decoding (#2551).
Note: This release is for evaluation purposes and may contain bugs, including security bugs, that may not be individually documented when fixed. See the SECURITY.md file for details. Always prefer to use the latest release.
Please provide feedback and report bugs here.