[flutter_releases] Flutter stable 3.13.4 Engine Cherrypicks

[itsjustkevin]

Flutter stable 3.13.4 Engine

Scheduled Cherrypicks

• Roll dart revision: dart-lang/sdk@9bf2f88a8
• [CP][ios]fix text input system highlight in iOS 17 Beta 7 flutter#133890
• [cp]Reverts part of "fix auto-correction highlight on top left corner (Again)" flutter#134468
• [CP] Roll libwebp to 1.3.1 flutter#134496

[flutter-dashboard]

This pull request was opened from and to a release candidate branch. This should only be done as part of the official Flutter release process. If you are attempting to make a regular contribution to the Flutter project, please close this PR and follow the instructions at Tree Hygiene for detailed instructions on contributing to Flutter.

Reviewers: Use caution before merging pull requests to release branches. Ensure the proper procedure has been followed.

[Jasguerrero]

LGTM

[XilaiZhang]

[ua741]

Hello @itsjustkevin `,

As per flutter 3.13.4 change log, that this commit Fixes CVE-2023-4863.

According to libwebp repo, the fix for CVE-2023-4863 was released as part of v1.3.2 . The libwebp v1.3.1 doesn't contain the fix for CVE-2023-4863

cc @licaon-kter who noticed this issue first.

[linsui]

In fec13df the libwebp is updated to 1.3.1 2af26267cdfcb63a88e5c74a85927a12d6ca1d76. The webmproject/libwebp@2af2626 commit is the fix of the 0day backported to the 1.3.1 branch.

[ua741]

In fec13df the libwebp is updated to 1.3.1 2af26267cdfcb63a88e5c74a85927a12d6ca1d76. The webmproject/libwebp@2af2626 commit is the fix of the 0day backported to the 1.3.1 branch.

Thank you for clarifying.