[SECURITY] [DLA 4148-1] vips security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 4148-1] vips security update
From: Guilhem Moulin <guilhem@debian.org>
Date: Wed, 30 Apr 2025 22:03:35 +0200
Message-id: <[🔎] aBKCF8zRct5HT7_7@debian.org>
Mail-followup-to: debian-lts-announce@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-------------------------------------------------------------------------
Debian LTS Advisory DLA-4148-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                       Guilhem Moulin
April 30, 2025                                https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : vips
Version        : 8.10.5-2+deb11u1
CVE ID         : CVE-2025-29769

A heap-based buffer overflow was discovered in vips, an image processing
system, which could lead to denial of service when processing specially
crafted TIFF images.

For Debian 11 bullseye, this problem has been fixed in version
8.10.5-2+deb11u1.

We recommend that you upgrade your vips packages.

For the detailed security status of vips please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/vips

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Attachment: signature.asc
Description: PGP signature

Reply to:

Prev by Date: [SECURITY] [DLA 4147-1] fig2dev security update
Next by Date: [SECURITY] [DLA 4126-2] jinja2 regression update
Previous by thread: [SECURITY] [DLA 4147-1] fig2dev security update
Next by thread: [SECURITY] [DLA 4126-2] jinja2 regression update
Index(es):
- Date
- Thread