I have just seen this surprising information…
1 Like
Your title should read “Here is a link to a search engine”.
1 Like
Why don’t you tell us why it is surprising, and why we should click on the link. This is a “discussion” blog.
3 Likes
I humbly apologise for offending you with the wording of my title.
I humbly apologise for offending you by not telling
you, in my original post, why I was surprised.
So, better late than never, I will do it now.
I was surprised that a WebP image could pose
such a dire threat.
I have already apologised to @droopsnoot for
my inappropriate title, so all I can say is, if and
when I start a second thread, I will do my upmost
best to improve my composing skills to better suit
the required standard of discerning members here.
2 Likes
You are not offending me. I am merely advising you on how to make a more informative post.
Some of us are reluctant to click on a post that is mostly a link because we don’t know if it will lead to a scam site. This is particularly true with a new person to the site we haven’t had experience with yet.
Welcome to the site! Here is a page that will give more information on how to use it effectively.
https://www.sitepoint.com/community/faq
1 Like
Well, I am extremely pleased to hear that.
Now that everything about my original post is now sorted
it will be pleasant to hear if you and @droopsnoot have
any observations to post about the critical WebP bug
I, of course, will now be carefully reading through the F.A.Q.
which you kindly provided to hopefully improve my erudition.
The problem with a post that consists of a link is that the link may no longer function in the future, so people searching and finding this post will not understand it.
So it’s a good idea to say something about the link that made you want to post it here. What is the information in the link, and why are you so concerned?
This is one of the reasons why you are not getting any serious replies. This is written to help you be a better writer on the site, not to condemn you.
1 Like
OK, I can see your concern but unfortunately I am
unable now to go back and edit the awful errant
link.
Perhaps site moderators will have the ability to do
so but failing that, here is a link to one of the sites
which supplied me with the relevant bug information…
https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863/
1 Like
I took a look at this, and it’s legitimate. It’s a heap overflow (buffer overflow) bug in libwebp, the library used by tools (browsers, image editing tools) that use the webp format. At the moment it just looks like someone found and published the bug in the library - I didn’t see any references to a security expoit using this vulnerability. In any event, most browsers have an update, and various other tools (Gimp, for example) have been updated as well.
1 Like
I haven’t - I’d never heard of WebP until you mentioned it. My comment was just based on you posting what appeared to be a generic link to a search engine with no further information, which has all the hallmarks of a spam post. I wasn’t offended, indeed as your post is actually legitimate I should apologise to you for not being all that welcoming to a new user.
1 Like
This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.