Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Fedora 44 swayimg Update 2026-bef0050737 LibRaw Denial of Service

fedora
Calendar Grey April 13, 2026
Dist Fedora Esm H88
Addressing the LibRaw Denial of Service issue in Fedora 44's swayimg with update 2026-bef0050737.
LibRaw 0.22.1 and rebuilds Release 3.1.12.0 (Apr 1, 2026) -- compared to 3.1.11.0 oiiotool: Better type understanding with -i:ch= and other cleanup #5056 texture: Fix texture overb...

Summary

Swayimg is a lightweight image viewer for Wayland display servers.

Update Information:

LibRaw 0.22.1 and rebuilds Release 3.1.12.0 (Apr 1, 2026) -- compared to 3.1.11.0 oiiotool: Better type understanding with -i:ch= and other cleanup #5056 texture: Fix texture overblur with st-blur parameters #5071 #5080 (by Pascal Lecocq) (3.1.12.0, 3.0.17.0) IBA: Handle offset data windows in fillholes_pushpull #5105 (3.1.12.0, 3.0.17.0) ImageInput: check_open fixes and new validity checks #5087 (3.1.12.0, 3.0.17.0) bmp: Use check_open to guard against corrupt resolutions #5086 (3.1.12.0, 3.0.17.0) heif: Fix invalid read writing 8-bit images with dimensions not a multiple of 64 #5095 (by Brecht Van Lommel) ico: Various validity checks and error handling for corruptions #5088 (3.1.12.0, 3.0.17.0) jpeg: Improved safety and error reporting for jpeg and iptc #5081 jpeg2000: Suppress leak when reading with OpenJPH #5098 psd: Fixes against corrupt files with better validation #5089 (3.1.12.0, 3.0.17.0) rla: Lots of additional validity checking and safety #5094 (3.1.12.0,...

Topics%20covered

Topics Covered

security advisory denial of service fedora image viewer libraw swayimg

Change Log

* Wed Apr 8 2026 Gwyn Ciesla - 5.1-2 - Libraw rebuild * Thu Mar 26 2026 Aleksei Bavshin - 5.1-1 - Update to 5.1 (#2451401) * Mon Mar 23 2026 Aleksei Bavshin - 5.0-1 - Update to 5.0 (#2447841)

References


[ 1 ] Bug #2447841 - swayimg-.5.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2447841 [ 2 ] Bug #2451401 - swayimg-5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2451401 [ 3 ] Bug #2454235 - CVE-2026-5318 LibRaw: LibRaw: Denial of Service via out-of-bounds write in JPEG DHT Parser [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2454235 [ 4 ] Bug #2454464 - CVE-2026-5342 LibRaw: LibRaw: Out-of-bounds read via `load_flags/raw_width` argument manipulation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2454464 [ 5 ] Bug #2455346 - LibRaw-0.22.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2455346 [ 6 ] Bug #2456557 - CVE-2026-20884 LibRaw: LibRaw: Arbitrary code execution via integer overflow in deflate_dng_load_raw [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2456557

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-bef0050737' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: swayimg
Product: Fedora 44
Version: 5.1
Release: 2.fc44
URL: https://github.com/artemsen/swayimg
Summary: Lightweight image viewer for Wayland display servers

Topics%20covered

Topics Covered

security advisory denial of service fedora image viewer libraw swayimg

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here