Login
Newsletter
Werbung
Sicherheit: Pufferüberlauf in vips
Aktuelle Meldungen Distributionen
Name: Pufferüberlauf in vips
ID: DSA-5915-1
Distribution: Debian
Plattformen: Debian bookworm
Datum: Sa, 3. Mai 2025, 23:11
Referenzen: https://www.cve.org/CVERecord?id=CVE-2025-29769
Applikationen: VIPS

Originalnachricht

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5915-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
May 03, 2025                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : vips
CVE ID         : CVE-2025-29769

A heap-based buffer overflow vulnerability was discovered in vips, an
fast image processing library designed with efficiency in mind, which
may result in denial of service (application crash) if a specially
crafted TIFF image file is processed.

For the stable distribution (bookworm), this problem has been fixed in
version 8.14.1-3+deb12u2.

We recommend that you upgrade your vips packages.

For the detailed security status of vips please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/vips

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmgVquVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0RVTw//WG9GuyGDgmPI1TK0fL5GZR4r/rdKjGOcTcD1rc0hVkc5Aq8r8z5HUEC4
abiQwmUafP4o6gxKZKLIx0RhyweELUb/lvul0E8kZYhBH/teCWzabcCPHpXJauU5
Zuq/zYpuN9pS67nNx4yGqc2gW4r+1p7DS6d+qY2qCfrwxrw1M3OnpGYeNTJ46N7O
c6XZ1FX72qXlqwp6GTKQKuRCHfuRVTqKs/nyS4/f+KcJeQkwhLqhLW5KOZ025AUV
rwbunBxdabV9AMxNaCPGiRWCwQx1cFaJd/7xpi84NEMVDS1xjkcTk0MznfqcBcTC
P0vfUWMC1lN4gC5UiXbywYC18E3nGKaGYfUX6uAPV9KhqSJFKMPoFmFjkOEY1ITU
wbuRSVIcuWYHmkYd7GC3TSbP08vyTQZ0TTVzEU860Y8/6l0ZG+B+w66EDjU4ye0V
ToDIpnrvUbT2QfhPnuSHqDzNkOSZm9wTjQ9DqkoR4asNprEpd+ZO1jBGWUj4hyEc
+Zm/iQxl8NHSNxunPhan+NpyTBqFYC84nyNKJAgGp+vYVSxQhoZHymFnY22GsyKk
+SOpKJzvjZKwQG07Q70caHwIcJcWpv8FBHyT8iurI2uPwxa2W/zxcvhOxIkC92wl
qsO5IR/L5TQeSvj4jWA6vtFw2P+5g93tZkNZ8ja/4ZvjwxDlqNY=
=Rtes
-----END PGP SIGNATURE-----
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung