There is a heap-based buffer over-read at stbimage.h (function: stbitgaload) in libsixel 1.8.2 that will cause a denial of service.
{ "binaries": [ { "binary_version": "1.5.2-2", "binary_name": "libsixel-bin" }, { "binary_version": "1.5.2-2", "binary_name": "libsixel-dev" }, { "binary_version": "1.5.2-2", "binary_name": "libsixel1" } ] }
{ "binaries": [ { "binary_version": "1.7.3-1", "binary_name": "libsixel-bin" }, { "binary_version": "1.7.3-1", "binary_name": "libsixel-dev" }, { "binary_version": "1.7.3-1", "binary_name": "libsixel-examples" }, { "binary_version": "1.7.3-1", "binary_name": "libsixel1" } ] }