Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 543
Alerts This Week
Warning Icon 1 543

Fedora 43 mingw-SDL2_image Critical Information Disclosure CVE-2026-35444

fedora
Calendar Grey June 20, 2026
Scroller Fedora Esm H88
Fedora 43 update to SDL2_image fixes critical information disclosure issue linked to CVE-2026-35444.
Update to SDL2_image 2.8.12, fixes CVE-2026-35444.

Summary

Simple DirectMedia Layer (SDL2) is a cross-platform multimedia library

designed to provide fast access to the graphics frame buffer and audio

device. This package contains a simple library for loading images of

various formats (BMP, PPM, PCX, GIF, JPEG, PNG) as SDL2 surfaces.

Update Information:

Update to SDL2_image 2.8.12, fixes CVE-2026-35444.

Change Log

* Fri May 15 2026 Sandro Mani - 2.8.12-1 - Update to 2.8.12 * Fri Jan 16 2026 Fedora Release Engineering - 2.8.8-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Mon Dec 8 2025 Sandro Mani - 2.8.8-3 - Rebuild (libtiff)

References


[ 1 ] Bug #2455891 - CVE-2026-35444 mingw-SDL2_image: SDL_image: Information disclosure via crafted XCF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2455891

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-bc38ebdf4c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: mingw-SDL2_image
Product: Fedora 43
Version: 2.8.12
Release: 1.fc43
Summary: MinGW Windows port of the Image loading library for SDL2

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.