CLSA-2026-1777070517 Fix CVE(s): CVE-2026-33900, CVE-2026-33905
SECURITY UPDATE: integer truncation in VIFF encoder leading to out-of-bounds heap write - debian/patches/CVE-2026-33900.patch: add truncation check before AcquireVirtualMemory call in WriteVIFFImage in coders/viff.c - CVE-2026-33900 SECURITY UPDATE: out-of-bounds read in SampleImage via...