CLSA-2026-1773999754 Fix CVE(s): CVE-2026-25898
SECURITY UPDATE: global buffer overflow read via negative pixel index in UIL and XPM image encoders - debian/patches/CVE-2026-25898.patch: clamp negative pixel index values to zero in WriteUILImage, WritePICONImage, and WriteXPMImage before using them as array subscripts into the Cixel table. -...