It’s fantastic they were able to find these issues!
That four new CVEs (two high-severity!) were found in a mature and well-tested library like png reminds me how non-trivial and unforgiving software engineering can be.
Security flaws are often just waiting behind the corner: this should be humbling lesson for all of us.
That four new CVEs (two high-severity!) were found in a mature and well-tested library like png reminds me how non-trivial and unforgiving software engineering can be.
Security flaws are often just waiting behind the corner: this should be humbling lesson for all of us.