Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Debian LTS rlottie Critical C++ Bug Fixes Advisory DLA-4675-1

debian lts
Calendar Grey July 10, 2026
Dist Debian Esm H88
Debian LTS updates rlottie addressing several C++ flaws reported as CVEs, enhancing security for Telegram Desktop.
rLottie is a platform independent C++ library for rendering vector-based animations and art

Summary

Several flaws caused by C++ undefined behavior in this library were recently
reported as CVE issues. The new update addresses six of them as well as
backports other crash fixes.

For Debian 11 bullseye, these problems have been fixed in version
0.1+dfsg-2+deb11u2.

We recommend that you upgrade your rlottie packages.

For the detailed security status of rlottie please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/rlottie

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



Severity
important
Lowest
Low
Medium
High
Critical

Package: rlottie
Version: 0.1+dfsg-2+deb11u2
CVE ID: CVE-2026-8916 CVE-2026-10305 CVE-2026-47306 CVE-2026-47318
Debian Bug: 994614 1138916 1138917 1138918 1138919 1138920 1139179

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.