Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -6 articles for you...
89
security advisorydenial of servicefedoraUbuntu 23.04 GIMP Modification JPEG Library Overflow 2026-daf0060841
LibRaw 0.22.1 and rebuilds Release 3.1.12.0 (Apr 1, 2026) -- compared to 3.1.11.0 oiiotool: Better type understanding with -i:ch= and other cleanup #5056 texture: Fix texture overblur with st-blur parameters #5071 #5080 (by Pascal Lecocq) (3.1.12.0, 3.0.17.0). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-bef0050737 2026-04-13 21:06:00.498961+00:00 -------------------------------------------------------------------------------- Name : shotwell Product : Fedora 44 Version : 33~alpha Release : 9.fc44 URL : https://wiki.gnome.org/Apps/Shotwell Summary : A photo organizer for the GNOME desktop Description : Shotwell is an easy-to-use, fast photo organizer designed for the GNOME desktop. It allows you to import photos from your camera or disk, organize them by date and subject matter, even ratings. It also offers basic photo editing, like crop, red-eye correction, color adjustments, and straighten. Shotwell's non-destructive photo editor does not alter your master photos, making it easy to experiment and correct errors. -------------------------------------------------------------------------------- Update Information: LibRaw 0.22.1 and rebuilds Release 3.1.12.0 (Apr 1, 2026) -- compared to 3.1.11.0 oiiotool: Better type understanding with -i:ch= and other cleanup #5056 texture: Fix texture overblur with st-blur parameters #5071 #5080 (by Pascal Lecocq) (3.1.12.0, 3.0.17.0) IBA: Handle offset data windows in fillholes_pushpull #5105 (3.1.12.0, 3.0.17.0) ImageInput: check_open fixes and new validity checks #5087 (3.1.12.0, 3.0.17.0) bmp: Use check_open to guard against corrupt resolutions #5086 (3.1.12.0, 3.0.17.0) heif: Fix invalid read writing 8-bit images with dimensions not a multiple of 64 #5095 (by Brecht Van Lommel) ico: Various validity checks and error handling for corruptions #5088 (3.1.12.0, 3.0.17.0) jpeg: Improved safety and error reporting for jpeg and iptc#5081 jpeg2000: Suppress leak when reading with OpenJPH #5098 psd: Fixes against corrupt files with better validation #5089 (3.1.12.0, 3.0.17.0) rla: Lots of additional validity checking and safety #5094 (3.1.12.0, 3.0.17.0) tiff: Support GPS fields, and other metadata enhancements #5050 tiff: Fix buffer overrun and improve error reporting #5082, fix wrong number of values passed to invert_photometric #5083, check for invalid bit depth in palette images #5091 ImageSpec: metadata_val improved safety #5096 (3.1.12.0, 3.0.17.0) fix: Fix UB-sanitizer warning about alignment #5097 fix: Catch exceptions in print-uncaught-messages destructor #5103 fix: Enhanced exception safety for our use of OpenColorIO #5114 fix: Fix possible fmt exceptions where we might have passed null string #5115 build: Test building with clang 22.1, fix warnings uncovered #5067 build: Improve security by pinning auto-build dependencies by hash #5076 build: Include idiff in the python wheels we build #5104 (3.1.12.0, 3.0.17.0) build(pybind11): Address new pybind11 float/int auto-conversion behavior #5058 build(win): Embed manifest in OIIO executables to enable long path handling #5066 (by Nathan Rusch) ci: Add CI test for MSVS 2026 #5060 (3.1.12.0, 3.0.17.0) ci: For security, replace workflow substitutions with safer env substitutions #5070 ci: Speed up slow benchmarks for debug and sanitizer CI tests #5077 ci: On Mac Intel CI variant, don't install openvdb, for speed #5065 (3.1.12.0, 3.0.17.0) ci: Bump GitHub Actions to latest versions #5078 #5110 #5119 ci: Fix broken Mac CI and wheel building by specifying full compiler paths #5100 #5101 (3.1.12.0, 3.0.17.0) ci: Update certificates to be able to install icc #5122 (3.1.12.0, 3.0.17.0) ci: Turn off nightly workflows for user forks #5042 tests: New ref outputs for tiff-misc, heif no-avif, and ffmpeg 8.1 cases #5075 #5079 #5099 #5112 docs: Update description for dwaCompressionLevel #5074 (by Aamir Raza) docs: Fix formatting examples for version macros #5073 docs:Keep TextureSystem docs in sync with ImageCache #5085 (3.1.12.0, 3.0.17.0) docs: Fix typos and incorrect attribute name in a comment #5093 (3.1.12.0, 3.0.17.0) docs: Fix misstatement about oiiotool --if #5102 (3.1.12.0, 3.0.17.0) admin: Draft policy on use of AI coding assistants #5072 (3.1.12.0, 3.0.17.0) ci: Freetype adjustments #4999 Update to 5.1 (#2451401) Update to 5.0 (#2447841) -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 8 2026 Gwyn Ciesla - 33~alpha-9 - Libraw rebuild * Wed Mar 25 2026 Jan Grulich - 33~alpha-8 - Add configuration for release-monitoring -------------------------------------------------------------------------------- References: [ 1 ] Bug #2447841 - swayimg-.5.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2447841 [ 2 ] Bug #2451401 - swayimg-5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2451401 [ 3 ] Bug #2454235 - CVE-2026-5318 LibRaw: LibRaw: Denial of Service via out-of-bounds write in JPEG DHT Parser [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2454235 [ 4 ] Bug #2454464 - CVE-2026-5342 LibRaw: LibRaw: Out-of-bounds read via `load_flags/raw_width` argument manipulation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2454464 [ 5 ] Bug #2455346 - LibRaw-0.22.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2455346 [ 6 ] Bug #2456557 - CVE-2026-20884 LibRaw: LibRaw: Arbitrary code execution via integer overflow in deflate_dng_load_raw [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2456557 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-bef0050737' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages aresigned with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Apr 13, 2026
•Important
Fedora
89
security advisoryfedorasoftware updateFedora 25: Shotwell Security Update: Enhances HTTPS and Authentications
This release turns on HTTPS encyption all over the publishing plugins. Users using Tumblr and Yandex.Fotki publishing are strongly advised to change their passwords and reauthenticate Shotwell to those services after upgrade. Users of Picasa and Youtube publishing are strongly advised to reauthenticate (Log out and back in) Shotwell to those services after upgrade. Changes in shotwell. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2017-8c3c43cc4f 2017-02-02 16:35:20.084125 -------------------------------------------------------------------------------- Name : shotwell Product : Fedora 25 Version : 0.24.5 Release : 1.fc25 URL : https://wiki.gnome.org/Apps/Shotwell Summary : A photo organizer for the GNOME desktop Description : Shotwell is an easy-to-use, fast photo organizer designed for the GNOME desktop. It allows you to import photos from your camera or disk, organize them by date and subject matter, even ratings. It also offers basic photo editing, like crop, red-eye correction, color adjustments, and straighten. Shotwell's non-destructive photo editor does not alter your master photos, making it easy to experiment and correct errors. -------------------------------------------------------------------------------- Update Information: This release turns on HTTPS encyption all over the publishing plugins. Usersusing Tumblr and Yandex.Fotki publishing are strongly advised to change their passwords and reauthenticate Shotwell to those services after upgrade. Users of Picasa and Youtube publishing are strongly advised to reauthenticate (Log out and back in) Shotwell to those services after upgrade. Changes in shotwell 0.24.5 release: * Publishing: Use HTTPS consistently * Updated translations Changes in shotwell 0.24.4 release: * Piwigo: Fix title and comments for uploaded images * Fix icon file name for Serbian and Korean * Improved duplicatedetection -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade shotwell' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Feb 02, 2017
•Critical
Fedora
89
security advisorymoderateupdateFedora 24: FEDORA-2016-902b3a19e9 Important: GIMP SSL Update
Update to git snapshot. Port to WebKit2 and verify TLS certificates. See https://bugzilla.gnome.org/show_bug.cgi?id=754488. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-902a2b18d8 2016-01-13 01:56:20.984919 -------------------------------------------------------------------------------- Name : shotwell Product : Fedora 23 Version : 0.23.0 Release : 0.1.20160105gitf2fb1f7.fc23 URL : Summary : A photo organizer for the GNOME desktop Description : Shotwell is an easy-to-use, fast photo organizer designed for the GNOME desktop. It allows you to import photos from your camera or disk, organize them by date and subject matter, even ratings. It also offers basic photo editing, like crop, red-eye correction, color adjustments, and straighten. Shotwell's non-destructive photo editor does not alter your master photos, making it easy to experiment and correct errors. -------------------------------------------------------------------------------- Update Information: Update to git snapshot. Port to WebKit2 and verify TLS certificates. See https://bugzilla.gnome.org/show_bug.cgi?id=754488 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update shotwell' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list
Jan 13, 2016
•Important
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!