Debian Patches
Status for gegl/1:0.4.42-2+deb12u2
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| CVE-2025-10921.patch | rgbe: fix #430 zdi-can-27803 | Jacob Boerema <jgboerema@gmail.com> | no | 2025-09-04 | ||
| ZDI-CAN-28266-guard-against-buffer-overflow.patch | ZDI-CAN-28266: guard against buffer overflow In rgbe_read_new_rle we check whether there is still space in the buffer, but we do not verify that the run length fits within the remaining capacity. This can lead to a buffer overflow. This patch adds a check to ensure that the run length does not exceed the available space. |
Gabriele Barbero <barbero.gabriele03@gmail.com> | yes | upstream | https://gitlab.gnome.org/GNOME/gegl/-/commit/d32f1badb4bde1d6e8137f687d9ee1195768d4ed | 2025-12-05 |
All known versions for source package 'gegl'
- 1:0.4.66-3 (forky, sid)
- 1:0.4.62-2+deb13u2 (trixie-proposed-updates, trixie-security)
- 1:0.4.62-2+deb13u1 (trixie)
- 1:0.4.42-2+deb12u2 (bookworm-security, bookworm-proposed-updates)
- 1:0.4.42-2+deb12u1 (bookworm)