Security update for libraw

This update for libraw fixes the following issues: CVE-2026-5342: out-of-bounds read via LibRaw::nikonloadpaddedpackedraw bsc1261499. CVE-2026-20884: integer overflow and heap buffer overflow via deflatedngloadraw bsc1261671. CVE-2026-20889: heap-based buffer overflow in x3fthumbloaderbsc1261672...

CVE-2026-24450

CVE-2026-24450 affects LibRaw (uncompressed_fp_dng_load_raw) and stems from an integer overflow in that function within Commit 8dc68e2, which can lead to a heap buffer overflow when processing a specially crafted DNG file. The published CVSS 3.1 score is 8.1 (HIGH), indicating a NETWORK-attack ve...

RHEL 8 : freerdp (RHSA-2026:6665)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6665 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to R...

Shim: interger overflow leads to heap buffer overflow in verify_sbat_section on 32-bits systems

...

OSV-2020-1155 Heap-buffer-overflow in FLAC__bitreader_read_rice_signed_block

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17069 Crash type: Heap-buffer-overflow READ 4 Crash state: FLACbitreaderreadricesignedblock readresidualpartitionedrice readsubframelpc...

skia/textblob_deserialize: Heap-buffer-overflow in is_valid_endian_marker

Project: https://skia.googlesource.com/skia.git Detailed report: https://oss-fuzz.com/testcase?key=5669127323648000 Project: skia Fuzzer: libFuzzerskiatextblobdeserialize Fuzz target binary: textblobdeserialize Job Type: libfuzzerasanskia Platform Id: linux Crash Type: Heap-buffer-overflow READ 1...