Fedora 42: Critical Buffer Overflow Vulnerability in vips 8.17.3 Alert

fedora

December 18, 2025

New version of vips.

Summary

VIPS is an image processing library. It is good for very large images

(even larger than the amount of RAM in your machine), and for working

with color.

This package should be installed if you want to use a program compiled

against VIPS.

Update Information:

New version of vips.

Topics Covered

security advisory fedora buffer overflow critical software update vips

Change Log

* Tue Dec 9 2025 Adam Goode - 8.17.3-1 - Include missing changes for latest release * Tue Dec 9 2025 Adam Goode - 8.17.2-2 - Update to vips 8.17.3 * Fri Sep 19 2025 Kleis Auke Wolthuizen - 8.17.2-1 - Update to 8.17.2 * Tue Sep 9 2025 Sandro Mani - 8.17.1-3 - Rebuild (libimagequant) * Fri Jul 25 2025 Fedora Release Engineering - 8.17.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild * Mon Jul 7 2025 Kleis Auke Wolthuizen - 8.17.1-1 - Update to 8.17.1 - Resolves: rhbz#2351373 - Migrate API documentation to gi-docgen - Drop dependency on python3-cairo (due to vipsprofile removal) * Sat May 24 2025 Kleis Auke Wolthuizen - 8.16.1-2 - Build vips-doc package as noarch * Tue Apr 8 2025 Kleis Auke Wolthuizen - 8.16.1-1 - Update to 8.16.1 - Drop patch merged upstream - Refresh descriptions for vips-devel and vips-doc

References

[ 1 ] Bug #2401081 - CVE-2025-59933 vips: libvips Buffer Over-Read [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2401081

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-107641b428' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity

critical

Lowest

Low

Medium

High

Critical

Name: vips

Product: Fedora 42

Version: 8.17.3

Release: 1.fc42

URL: https://www.libvips.org/

Summary: C/C++ library for processing large images

Topics Covered

security advisory fedora buffer overflow critical software update vips

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 42: Critical Buffer Overflow Vulnerability in vips 8.17.3 Alert

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 42: Critical Buffer Overflow Vulnerability in vips 8.17.3 Alert

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!