[CLSA-2026:1783353880] LibRaw: Fix of CVE-2026-20889
Type:
security
Severity:
Critical
Release date:
2026-07-06 16:04:55 UTC
Description:
- CVE-2026-20889: fix heap-based buffer overflow in x3f_thumb_loader() by adding thumbnail allocation size checks (ELSCVE-135084)
CVEs fixed:
Updated packages:
  • LibRaw-0.20.2-5.el9_2.tuxcare.els4.i686.rpm
    sha:be206ae4d99cfed694429a1a7d9b2861b40262061f483c973144deba0d385a3e
  • LibRaw-0.20.2-5.el9_2.tuxcare.els4.x86_64.rpm
    sha:f1b5e995c8b018be8d12d3d148307317e340a7bbf79da58eb2c3985ce1c012fa
  • LibRaw-devel-0.20.2-5.el9_2.tuxcare.els4.i686.rpm
    sha:62940af4f29e9bc999f3ea8ced9aa069bf97608779e8ef702fb26086ee4204cf
  • LibRaw-devel-0.20.2-5.el9_2.tuxcare.els4.x86_64.rpm
    sha:6a796d6a6c698bc0cd7fbc4155ae310ead690d670e1183f8f98fed2bb59a772f
  • LibRaw-samples-0.20.2-5.el9_2.tuxcare.els4.x86_64.rpm
    sha:03058b8bd5db75e17c990ea413a960635a0c7fc79d7f93a13b76c1651aeef9fa
  • LibRaw-static-0.20.2-5.el9_2.tuxcare.els4.x86_64.rpm
    sha:e7b5a585cc1b8823d466c6c6837c46ff4b05314b6fa35efe3842194a0c7f9c49
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.