libwebp cve-2023-4863

[Sharyie]

hi, Is this package affected by CVE-2023-1999/CVE-2023-4863 related to old libwebp?
CVE-2023-1999
CVE-2023-4863

[codespearhead]

libwebp-dev is an OS-level dependency, so it's on the OS to serve you up-to-date packages.

The pipeline currently uses only LTS versions of Ubuntu, so I wouldn't worry about that.