[webkit-gtk] JPEG-XR support in WebKItGTK+
ChangSeok Oh
changseok.oh at collabora.com
Wed Apr 1 09:08:10 PDT 2015
Hrm I don’t know such vulnerabilities.
In my humble opinion, if there is a security hole, it should be fixed in jxrlib as other image libraries do.
Of course if the hole is caused by webkit glue layer, it should be fixed in webkit side.Is there any reason that jxr is special here?
I think the security risk is not only for jxrlib. In my view, jxrlib doesn’t has especially more vulnerabilities than others.
If so, we can report it to MS.
Here is a single page you want. =)
http://cloudinary.com/blog/jpeg_xr_conversion_with_auto_browser_detection_optimize_images_for_ie_users <http://cloudinary.com/blog/jpeg_xr_conversion_with_auto_browser_detection_optimize_images_for_ie_users>
ChangSeok
> On Apr 1, 2015, at 11:35 PM, Martin Robinson <mrobinson at webkit.org> wrote:
>
> I think it's also important to weigh potential new security
> vulnerabilities as well. My understanding is that image decoders have
> been a source of issues in the past. Can we find an example of a
> single page with JPEG-XR images embedded into the page content?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-gtk/attachments/20150402/0d45f149/attachment.html>
More information about the webkit-gtk
mailing list