Security update for libraw

This update for libraw fixes the following issues: CVE-2026-5342: out-of-bounds read via LibRaw::nikonloadpaddedpackedraw bsc1261499. CVE-2026-20884: integer overflow and heap buffer overflow via deflatedngloadraw bsc1261671. CVE-2026-20889: heap-based buffer overflow in x3fthumbloaderbsc1261672...

CVE-2026-24450

CVE-2026-24450 is a LibRaw vulnerability in uncompressed_fp_dng_load_raw caused by an integer overflow that can lead to a heap-based buffer overflow when processing a malicious DNG file. Exploitation would require a crafted file; multiple advisories (e.g., ALINUX3-SA-2026:0125, RHSA/RHSA family, ...

RHEL 8 : freerdp (RHSA-2026:6665)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6665 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to R...

CVE-2023-40548

...

OSV-2020-1155 Heap-buffer-overflow in FLAC__bitreader_read_rice_signed_block

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17069 Crash type: Heap-buffer-overflow READ 4 Crash state: FLACbitreaderreadricesignedblock readresidualpartitionedrice readsubframelpc...

skia/textblob_deserialize: Heap-buffer-overflow in is_valid_endian_marker

Project: https://skia.googlesource.com/skia.git Detailed report: https://oss-fuzz.com/testcase?key=5669127323648000 Project: skia Fuzzer: libFuzzerskiatextblobdeserialize Fuzz target binary: textblobdeserialize Job Type: libfuzzerasanskia Platform Id: linux Crash Type: Heap-buffer-overflow READ 1...