mirror of https://github.com/google/oss-fuzz.git
890953f0a0
The image formats we've selected to fuzz test libvips with are typically those likely to originate from untrusted sources, and this very much includes the web. libjxl was added as a dependency of libvips around 18 months ago in anticipation the JPEG-XL format being adopted for the web. A year ago we added a couple of the libjxl maintainers to help triage OSS-Fuzz issues as its inclusion generated a relatively large number of new problems, including one that was later issued a CVE. https://bugs.chromium.org/p/oss-fuzz/issues/list?q=libvips%20libjxl&can=1 The libvips maintainers would love for JPEG-XL to succeed as a format and we hope to add libjxl back soon, but for now we would like to remove it to help reduce the support overhead. /cc @jcupitt |
||
|---|---|---|
| .. | ||
| Dockerfile | ||
| build.sh | ||
| project.yaml | ||