Alerts This Week
Warning Icon 1 609
Alerts This Week
Warning Icon 1 609

Fedora 42 mingw-LibRaw Critical Exec Issues CVE-2026-20884 2026-826db1b5c0

fedora
Calendar Grey April 18, 2026
Dist Fedora Esm H88
Latest Fedora update for mingw-LibRaw addresses critical flaws for image processing. Secure your system now.
Backport patch for CVE-2026-20884

Summary

MinGW Windows LibRaw library.

Update Information:

Backport patch for CVE-2026-20884. Backport fixes for CVE-2026-20889 CVE-2026-21413 CVE-2026-24450 CVE-2026-24660 Update to libraw-0.21.5.

Topics%20covered

Topics Covered

security advisory fedora critical arbitrary code execution mingw-LibRaw cve 2026

Change Log

* Thu Apr 9 2026 Sandro Mani - 0.21.5-3 - Backport patch for CVE-2026-20884 * Wed Apr 8 2026 Sandro Mani - 0.21.5-2 - Backport fixes for CVE-2026-20889 CVE-2026-21413 CVE-2026-24450 CVE-2026-24660 * Thu Apr 2 2026 Sandro Mani - 0.21.5-1 - Update to 0.21.5 * Thu Jul 24 2025 Fedora Release Engineering - 0.21.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild

References


[ 1 ] Bug #2456057 - CVE-2026-24450 mingw-LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2456057 [ 2 ] Bug #2456240 - CVE-2026-21413 mingw-LibRaw: LibRaw: Arbitrary code execution via heap-based buffer overflow in lossless JPEG loading [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2456240 [ 3 ] Bug #2456243 - CVE-2026-20889 mingw-LibRaw: LibRaw: Arbitrary code execution via specially crafted image file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2456243 [ 4 ] Bug #2456245 - CVE-2026-24660 mingw-LibRaw: LibRaw: Memory Corruption via Malicious File Processing [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2456245 [ 5 ] Bug #2456561 - CVE-2026-20884 mingw-LibRaw: LibRaw: Arbitrary code execution via integer overflow in deflate_dng_load_raw [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2456561

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-826db1b5c0' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: mingw-LibRaw
Product: Fedora 42
Version: 0.21.5
Release: 3.fc42
URL: http://www.libraw.org
Summary: Library for reading RAW files obtained from digital photo cameras

Topics%20covered

Topics Covered

security advisory fedora critical arbitrary code execution mingw-LibRaw cve 2026

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here