Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2023:5189 - Security Advisory
Issued:
2023-09-18
Updated:
2023-09-18

RHSA-2023:5189 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: libwebp security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libwebp is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photographic images. WebP consists of a codec based on the VP8 format, and a container based on the Resource Interchange File Format (RIFF). Webmasters, web developers and browser developers can use WebP to compress, archive, and distribute digital images more efficiently.

Security Fix(es):

  • libwebp: Heap buffer overflow in WebP Codec (CVE-2023-4863)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64

Fixes

  • BZ - 2238431 - CVE-2023-4863 libwebp: Heap buffer overflow in WebP Codec

CVEs

  • CVE-2023-4863
  • CVE-2023-5129

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6

SRPM
libwebp-1.0.0-7.el8_6.1.src.rpm SHA-256: 991af7457816ee457edbf4870cf31d7d922254d745bf0947b7df15e3d903ea4f
x86_64
libwebp-1.0.0-7.el8_6.1.i686.rpm SHA-256: ea920c2d0cad23cd5bca3594a47777f14939b5521acf0cfd0ebf8c64730d5d33
libwebp-1.0.0-7.el8_6.1.x86_64.rpm SHA-256: ba34eb369b9ce816355db7acdc1bfd98c6305f4633e57bca5dfea9482b6f205f
libwebp-debuginfo-1.0.0-7.el8_6.1.i686.rpm SHA-256: 3fb109d12d7435eb7e10c3874cae2c9bdf7097b9c984bda2c9bdfb956e85a851
libwebp-debuginfo-1.0.0-7.el8_6.1.x86_64.rpm SHA-256: a98aaf6066fb85e98859af3cc335beb693d604e86d924fdffac4077147af660a
libwebp-debugsource-1.0.0-7.el8_6.1.i686.rpm SHA-256: b4c97f75145c8090d8a09b45d314827156136044fd9f6d62cbcff5160848337a
libwebp-debugsource-1.0.0-7.el8_6.1.x86_64.rpm SHA-256: b863587fba452f8d6ef58b4bfb9d1f8ee8040dbced0a7b3aded44b1c1678903e
libwebp-devel-1.0.0-7.el8_6.1.i686.rpm SHA-256: 9c03bb5b143d81f0abb49654e666a46b29458ae98f02a2832564100a4d4dd605
libwebp-devel-1.0.0-7.el8_6.1.x86_64.rpm SHA-256: 8f76652dfcc3a76fdded08fdba5faa56a465bfcda682b599ef9a862e53d635bf
libwebp-java-debuginfo-1.0.0-7.el8_6.1.i686.rpm SHA-256: cc6df9be604550dca3ee134dd9c83a3f25c03c251f62a860605713ea1cc0795f
libwebp-java-debuginfo-1.0.0-7.el8_6.1.x86_64.rpm SHA-256: 8228b0ee038f822708f4da3f8a9c119f72091512dc6f5897801b2c9cf304e146
libwebp-tools-debuginfo-1.0.0-7.el8_6.1.i686.rpm SHA-256: 51f647b9b82dc9726ad440f18ab50d12c1cbae004ca0eba6e88c3c7e03c4d515
libwebp-tools-debuginfo-1.0.0-7.el8_6.1.x86_64.rpm SHA-256: 729444f349fd1ea91066d9103b13c1d5cffa5483f1749e6f0a50d44d10c52b79

Red Hat Enterprise Linux Server - AUS 8.6

SRPM
libwebp-1.0.0-7.el8_6.1.src.rpm SHA-256: 991af7457816ee457edbf4870cf31d7d922254d745bf0947b7df15e3d903ea4f
x86_64
libwebp-1.0.0-7.el8_6.1.i686.rpm SHA-256: ea920c2d0cad23cd5bca3594a47777f14939b5521acf0cfd0ebf8c64730d5d33
libwebp-1.0.0-7.el8_6.1.x86_64.rpm SHA-256: ba34eb369b9ce816355db7acdc1bfd98c6305f4633e57bca5dfea9482b6f205f
libwebp-debuginfo-1.0.0-7.el8_6.1.i686.rpm SHA-256: 3fb109d12d7435eb7e10c3874cae2c9bdf7097b9c984bda2c9bdfb956e85a851
libwebp-debuginfo-1.0.0-7.el8_6.1.x86_64.rpm SHA-256: a98aaf6066fb85e98859af3cc335beb693d604e86d924fdffac4077147af660a
libwebp-debugsource-1.0.0-7.el8_6.1.i686.rpm SHA-256: b4c97f75145c8090d8a09b45d314827156136044fd9f6d62cbcff5160848337a
libwebp-debugsource-1.0.0-7.el8_6.1.x86_64.rpm SHA-256: b863587fba452f8d6ef58b4bfb9d1f8ee8040dbced0a7b3aded44b1c1678903e
libwebp-devel-1.0.0-7.el8_6.1.i686.rpm SHA-256: 9c03bb5b143d81f0abb49654e666a46b29458ae98f02a2832564100a4d4dd605
libwebp-devel-1.0.0-7.el8_6.1.x86_64.rpm SHA-256: 8f76652dfcc3a76fdded08fdba5faa56a465bfcda682b599ef9a862e53d635bf
libwebp-java-debuginfo-1.0.0-7.el8_6.1.i686.rpm SHA-256: cc6df9be604550dca3ee134dd9c83a3f25c03c251f62a860605713ea1cc0795f
libwebp-java-debuginfo-1.0.0-7.el8_6.1.x86_64.rpm SHA-256: 8228b0ee038f822708f4da3f8a9c119f72091512dc6f5897801b2c9cf304e146
libwebp-tools-debuginfo-1.0.0-7.el8_6.1.i686.rpm SHA-256: 51f647b9b82dc9726ad440f18ab50d12c1cbae004ca0eba6e88c3c7e03c4d515
libwebp-tools-debuginfo-1.0.0-7.el8_6.1.x86_64.rpm SHA-256: 729444f349fd1ea91066d9103b13c1d5cffa5483f1749e6f0a50d44d10c52b79

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6

SRPM
libwebp-1.0.0-7.el8_6.1.src.rpm SHA-256: 991af7457816ee457edbf4870cf31d7d922254d745bf0947b7df15e3d903ea4f
s390x
libwebp-1.0.0-7.el8_6.1.s390x.rpm SHA-256: 83babcd9204723e4fe7f0788552184e036e980a96ddaa1d84eded6e7b4936f9d
libwebp-debuginfo-1.0.0-7.el8_6.1.s390x.rpm SHA-256: 8d7ba2ea41211a3879a4216b1ce2568c3814251bdc436e02bc4b4acf0b1e3ec5
libwebp-debugsource-1.0.0-7.el8_6.1.s390x.rpm SHA-256: a07e5723a56576077ed3e766938a2cda94e088a6f2ee2033dc18b4df4adae274
libwebp-devel-1.0.0-7.el8_6.1.s390x.rpm SHA-256: 5e56317e552e9365b064eeacceb56c8007179c8769431b11e72d907ab75ac07b
libwebp-java-debuginfo-1.0.0-7.el8_6.1.s390x.rpm SHA-256: bc3c14c4dac60ab3bc63a4377b8ff751880f69fec0b063d58d700d5949321dc8
libwebp-tools-debuginfo-1.0.0-7.el8_6.1.s390x.rpm SHA-256: 4f9f452328b231c3c1d4dbf5fafad115fff18b07ae3192a2747d36c903cdebd3

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6

SRPM
libwebp-1.0.0-7.el8_6.1.src.rpm SHA-256: 991af7457816ee457edbf4870cf31d7d922254d745bf0947b7df15e3d903ea4f
ppc64le
libwebp-1.0.0-7.el8_6.1.ppc64le.rpm SHA-256: a930b501efb8ec5572b4145e3fb6de3ef687fb524c6fbe19d7dc07088eb97516
libwebp-debuginfo-1.0.0-7.el8_6.1.ppc64le.rpm SHA-256: d2bf3b4c00f9b30c515ef72e8caa04285b37620afa2a5c0ab493e7a13755da79
libwebp-debugsource-1.0.0-7.el8_6.1.ppc64le.rpm SHA-256: 3095539ea895761bf75609e194eb950de6f90f99d3e06a9eaa800534f89c2325
libwebp-devel-1.0.0-7.el8_6.1.ppc64le.rpm SHA-256: b4c79e74fd95fea7eb2694edd67a33eb65215cd90875fb8d612aea4f143372cc
libwebp-java-debuginfo-1.0.0-7.el8_6.1.ppc64le.rpm SHA-256: b4cd0871adbbb53d4b0c9bf9219b4a545de5ea2de9c69713ea65b17088394f8a
libwebp-tools-debuginfo-1.0.0-7.el8_6.1.ppc64le.rpm SHA-256: 168fe1d34bcb4371ac702ff6e0704f5def185035fd51ded264f4f217a21a05cf

Red Hat Enterprise Linux Server - TUS 8.6

SRPM
libwebp-1.0.0-7.el8_6.1.src.rpm SHA-256: 991af7457816ee457edbf4870cf31d7d922254d745bf0947b7df15e3d903ea4f
x86_64
libwebp-1.0.0-7.el8_6.1.i686.rpm SHA-256: ea920c2d0cad23cd5bca3594a47777f14939b5521acf0cfd0ebf8c64730d5d33
libwebp-1.0.0-7.el8_6.1.x86_64.rpm SHA-256: ba34eb369b9ce816355db7acdc1bfd98c6305f4633e57bca5dfea9482b6f205f
libwebp-debuginfo-1.0.0-7.el8_6.1.i686.rpm SHA-256: 3fb109d12d7435eb7e10c3874cae2c9bdf7097b9c984bda2c9bdfb956e85a851
libwebp-debuginfo-1.0.0-7.el8_6.1.x86_64.rpm SHA-256: a98aaf6066fb85e98859af3cc335beb693d604e86d924fdffac4077147af660a
libwebp-debugsource-1.0.0-7.el8_6.1.i686.rpm SHA-256: b4c97f75145c8090d8a09b45d314827156136044fd9f6d62cbcff5160848337a
libwebp-debugsource-1.0.0-7.el8_6.1.x86_64.rpm SHA-256: b863587fba452f8d6ef58b4bfb9d1f8ee8040dbced0a7b3aded44b1c1678903e
libwebp-devel-1.0.0-7.el8_6.1.i686.rpm SHA-256: 9c03bb5b143d81f0abb49654e666a46b29458ae98f02a2832564100a4d4dd605
libwebp-devel-1.0.0-7.el8_6.1.x86_64.rpm SHA-256: 8f76652dfcc3a76fdded08fdba5faa56a465bfcda682b599ef9a862e53d635bf
libwebp-java-debuginfo-1.0.0-7.el8_6.1.i686.rpm SHA-256: cc6df9be604550dca3ee134dd9c83a3f25c03c251f62a860605713ea1cc0795f
libwebp-java-debuginfo-1.0.0-7.el8_6.1.x86_64.rpm SHA-256: 8228b0ee038f822708f4da3f8a9c119f72091512dc6f5897801b2c9cf304e146
libwebp-tools-debuginfo-1.0.0-7.el8_6.1.i686.rpm SHA-256: 51f647b9b82dc9726ad440f18ab50d12c1cbae004ca0eba6e88c3c7e03c4d515
libwebp-tools-debuginfo-1.0.0-7.el8_6.1.x86_64.rpm SHA-256: 729444f349fd1ea91066d9103b13c1d5cffa5483f1749e6f0a50d44d10c52b79

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6

SRPM
libwebp-1.0.0-7.el8_6.1.src.rpm SHA-256: 991af7457816ee457edbf4870cf31d7d922254d745bf0947b7df15e3d903ea4f
aarch64
libwebp-1.0.0-7.el8_6.1.aarch64.rpm SHA-256: 7fd3d55b81a405f94e6bd8a81a80373ce4526f4013545e830e83cbcf9df0e520
libwebp-debuginfo-1.0.0-7.el8_6.1.aarch64.rpm SHA-256: 5cb12037fe6b4b7cceba000ae81ccf63fe396cebc86d83d7272126365bbb19b1
libwebp-debugsource-1.0.0-7.el8_6.1.aarch64.rpm SHA-256: c4723bea24bd2e5971bf4ace539bd70a88f043e75b6c3be925f4cab8a4e9ba46
libwebp-devel-1.0.0-7.el8_6.1.aarch64.rpm SHA-256: 897d2fdd13aea5011d24a6fb98edccb4521138a024bd3119341048a59596330e
libwebp-java-debuginfo-1.0.0-7.el8_6.1.aarch64.rpm SHA-256: 337e145c1045ac106fb89384fb5be73774c9426decc534b191d28386f33c4290
libwebp-tools-debuginfo-1.0.0-7.el8_6.1.aarch64.rpm SHA-256: b5b406040f6a2aa04661d92edd4b94deb33da265e0abcaa4861130b2d395c78b

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6

SRPM
libwebp-1.0.0-7.el8_6.1.src.rpm SHA-256: 991af7457816ee457edbf4870cf31d7d922254d745bf0947b7df15e3d903ea4f
ppc64le
libwebp-1.0.0-7.el8_6.1.ppc64le.rpm SHA-256: a930b501efb8ec5572b4145e3fb6de3ef687fb524c6fbe19d7dc07088eb97516
libwebp-debuginfo-1.0.0-7.el8_6.1.ppc64le.rpm SHA-256: d2bf3b4c00f9b30c515ef72e8caa04285b37620afa2a5c0ab493e7a13755da79
libwebp-debugsource-1.0.0-7.el8_6.1.ppc64le.rpm SHA-256: 3095539ea895761bf75609e194eb950de6f90f99d3e06a9eaa800534f89c2325
libwebp-devel-1.0.0-7.el8_6.1.ppc64le.rpm SHA-256: b4c79e74fd95fea7eb2694edd67a33eb65215cd90875fb8d612aea4f143372cc
libwebp-java-debuginfo-1.0.0-7.el8_6.1.ppc64le.rpm SHA-256: b4cd0871adbbb53d4b0c9bf9219b4a545de5ea2de9c69713ea65b17088394f8a
libwebp-tools-debuginfo-1.0.0-7.el8_6.1.ppc64le.rpm SHA-256: 168fe1d34bcb4371ac702ff6e0704f5def185035fd51ded264f4f217a21a05cf

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

SRPM
libwebp-1.0.0-7.el8_6.1.src.rpm SHA-256: 991af7457816ee457edbf4870cf31d7d922254d745bf0947b7df15e3d903ea4f
x86_64
libwebp-1.0.0-7.el8_6.1.i686.rpm SHA-256: ea920c2d0cad23cd5bca3594a47777f14939b5521acf0cfd0ebf8c64730d5d33
libwebp-1.0.0-7.el8_6.1.x86_64.rpm SHA-256: ba34eb369b9ce816355db7acdc1bfd98c6305f4633e57bca5dfea9482b6f205f
libwebp-debuginfo-1.0.0-7.el8_6.1.i686.rpm SHA-256: 3fb109d12d7435eb7e10c3874cae2c9bdf7097b9c984bda2c9bdfb956e85a851
libwebp-debuginfo-1.0.0-7.el8_6.1.x86_64.rpm SHA-256: a98aaf6066fb85e98859af3cc335beb693d604e86d924fdffac4077147af660a
libwebp-debugsource-1.0.0-7.el8_6.1.i686.rpm SHA-256: b4c97f75145c8090d8a09b45d314827156136044fd9f6d62cbcff5160848337a
libwebp-debugsource-1.0.0-7.el8_6.1.x86_64.rpm SHA-256: b863587fba452f8d6ef58b4bfb9d1f8ee8040dbced0a7b3aded44b1c1678903e
libwebp-devel-1.0.0-7.el8_6.1.i686.rpm SHA-256: 9c03bb5b143d81f0abb49654e666a46b29458ae98f02a2832564100a4d4dd605
libwebp-devel-1.0.0-7.el8_6.1.x86_64.rpm SHA-256: 8f76652dfcc3a76fdded08fdba5faa56a465bfcda682b599ef9a862e53d635bf
libwebp-java-debuginfo-1.0.0-7.el8_6.1.i686.rpm SHA-256: cc6df9be604550dca3ee134dd9c83a3f25c03c251f62a860605713ea1cc0795f
libwebp-java-debuginfo-1.0.0-7.el8_6.1.x86_64.rpm SHA-256: 8228b0ee038f822708f4da3f8a9c119f72091512dc6f5897801b2c9cf304e146
libwebp-tools-debuginfo-1.0.0-7.el8_6.1.i686.rpm SHA-256: 51f647b9b82dc9726ad440f18ab50d12c1cbae004ca0eba6e88c3c7e03c4d515
libwebp-tools-debuginfo-1.0.0-7.el8_6.1.x86_64.rpm SHA-256: 729444f349fd1ea91066d9103b13c1d5cffa5483f1749e6f0a50d44d10c52b79

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat, Inc.

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility