openSUSE Loupe Low Tracing Subscriber Terminal Manipulation 2026-21074-1
opensuse
June 30, 2026
An update that solves one vulnerability and has one bug fix can now be installed.
Description
This update for loupe fixes the following issue
- CVE-2025-58160: tracing-subscriber: untrusted input containing ANSI escape sequences can lead to terminal
manipulation (bsc#1249009).
Changes for loupe:
- Update to version 48.2:
- Check if the is-hidden property is available before reading
it.
- Considerably increased speed for listing other images in
folders, especially for remote locations. This allows for
switching to other images to become available much quicker.
- Fix panics, probably occuring when using an action like
'copy', and then closing the window. The crash causes all
other windows to close.
- The creation date for images that don't provide a timezone
was displayed as if the recorded date and time was in UTC.
- Zooming in would not work via the zoom menu, if the resulting
zoom state would still fit the image inside the window.
- Update to version 48.1:
- Crash when closing the window, probably in the exact moment
when the animnation for hiding...
Read the Full Advisory
Topics Covered
Patch
Package List
- openSUSE Leap 16.0:
loupe-48.2-160000.1.1
loupe-lang-48.2-160000.1.1
References
* bsc#1249009
References:
* https://www.suse.com/security/cve/CVE-2025-58160.html
PREVIOUS
NEXT
Severity
low
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2026:21074-1
Rating: low
Affected Products:
openSUSE Leap 16.0
-------------------------------------------------------------
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!