|
|
Subscribe / Log in / New account

Debian alert DLA-4148-1 (vips)



From:
              Guilhem Moulin <guilhem@debian.org>


To:
              debian-lts-announce@lists.debian.org


Subject:
              [SECURITY] [DLA 4148-1] vips security update


Date:
              Wed, 30 Apr 2025 22:03:35 +0200


Message-ID:
              <aBKCF8zRct5HT7_7@debian.org>


-------------------------------------------------------------------------
Debian LTS Advisory DLA-4148-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                       Guilhem Moulin
April 30, 2025                                https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : vips
Version        : 8.10.5-2+deb11u1
CVE ID         : CVE-2025-29769

A heap-based buffer overflow was discovered in vips, an image processing
system, which could lead to denial of service when processing specially
crafted TIFF images.

For Debian 11 bullseye, this problem has been fixed in version
8.10.5-2+deb11u1.

We recommend that you upgrade your vips packages.

For the detailed security status of vips please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/vips

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS




Attachment: signature.asc (type=application/pgp-signature)

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmgSghUACgkQ05pJnDwh
pVIJ+w//eYi9G6wh2oDM0M9POt2Tvu6gmk5IEPtgNK1EZN8EWNf0xhycsadYcVpL
tKM9YzpUKe7DjMngcBWv5iI1ml9UXsqy6nXCaC8qg38lM2W4O65KRQMaSRI06B0l
ENHh1oNveF2jUWREz5Ej5E/gegHFsO3Vq0Uj6IDsLQwZikobzws+1Bklkubh/36d
vQ7odUf6b8dtrMo+Gft+NobtZZeDTQqLxYEZG9lAZH8qw61xMFq58h4j6amDSK5K
Ab6PM2Pl2ZnMasmsb7ewxNI7ZwxkOwP3lYovo35duj0z95P9vofLDm3OVOL1l1ZJ
dBwCM6olnDnzwwIkaYlt1E0SSS1hMn9HC++mZCbzNjyY7D4KwGhZ6i9lMjB+VYtB
iF0fZMGk28yBhl9DAH1vAolngbFgG/hsSwjRUT9/Kzt6qdIdGRQjeqo9BKFkTD1Z
ZYo9VdUJYf0SuoU1IyZO1T5bJ5hgl/w943bx5ovpyQNS5yuUUvSBLlCGwtLgclBZ
JC4y39vVidYAftZT5vr7aVXOWWPFlXW+b6LJIZ8xVjFCQ3yX+aCTQEXFYOoAVzgN
KPXMNNKiirdha+S4weW1rpgwqiJYjptUo1rqitPS4TCPzzLCgjfbcEAYMXiw/yKk
zfoOVw4sNFzjw4qPhXC/KaG/ZxJq/qEU+WmOpcbjZb2kpqMFdYc=
=0voC
-----END PGP SIGNATURE-----
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds