Red Hat Product Errata RHSA-2026:11328 - Security Advisory Issued: 2026-04-28 Updated: 2026-04-28 RHSA-2026:11328 - Security Advisory Overview Updated Packages Synopsis Important: gdk-pixbuf2 security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for gdk-pixbuf2 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. Security Fix(es): gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image (CVE-2026-5201) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64 Red Hat Enterprise Linux Server - AUS 9.4 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4 s390x Fixes BZ - 2453291 - CVE-2026-5201 gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image CVEs CVE-2026-5201 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 SRPM gdk-pixbuf2-2.42.6-5.el9_4.1.src.rpm SHA-256: 4ad6ae2d72a7677ebdae88faf7467044411a4ee58ddb236d9a856f1ad9b43db1 x86_64 gdk-pixbuf2-2.42.6-5.el9_4.1.i686.rpm SHA-256: 604e065ae66cd7874930df0fec2ca5aa11d5a55cf8a5fe23346b0259d128476e gdk-pixbuf2-2.42.6-5.el9_4.1.x86_64.rpm SHA-256: f449afe432b77dd6d0d4affc8c70b6d8ea22fe0ec2a16d6939c463961e7dc67a gdk-pixbuf2-debuginfo-2.42.6-5.el9_4.1.i686.rpm SHA-256: f2f6bf64f5f880ff3ba4ab42659945f2e168bb9b8856d787e2a0f14d294c4472 gdk-pixbuf2-debuginfo-2.42.6-5.el9_4.1.x86_64.rpm SHA-256: 3acd858e1321edddb5d75e8b5ac31e6a86287f2941d99e0fbd10f8dd23a98371 gdk-pixbuf2-debugsource-2.42.6-5.el9_4.1.i686.rpm SHA-256: 354c88e038666a914ad84bb3243d5f483db62a817f6573ab5fe27cf2f38e1417 gdk-pixbuf2-debugsource-2.42.6-5.el9_4.1.x86_64.rpm SHA-256: 9d411d87fea3ff3febe9c2579cf58a309308aa057f0f4cf1c332b5c60b7c8297 gdk-pixbuf2-devel-2.42.6-5.el9_4.1.i686.rpm SHA-256: b16e5fb2f232cc27105bca774f2e148251e53e2f0e3a5c64ab3be85e2b420a72 gdk-pixbuf2-devel-2.42.6-5.el9_4.1.x86_64.rpm SHA-256: a263a59c2843e6ed587c9e90b819aac7701509bd5480d827320c1103575ff02a gdk-pixbuf2-devel-debuginfo-2.42.6-5.el9_4.1.i686.rpm SHA-256: b324c2072bf85525f3a267ed777f66673258ec7807c49a879f729c7eaa563229 gdk-pixbuf2-devel-debuginfo-2.42.6-5.el9_4.1.x86_64.rpm SHA-256: 1c341338caedd80c7b543e275c25e7a3baecf0e54168879d2ccb2f80d66f0aa4 gdk-pixbuf2-modules-2.42.6-5.el9_4.1.i686.rpm SHA-256: 772653b86c54216feb955b2b266777cd0a944a0491c437b0990b7203de681151 gdk-pixbuf2-modules-2.42.6-5.el9_4.1.x86_64.rpm SHA-256: 3bd0c5af6e4237eac70ead4a1063b3bc6102ddbac32640ff4310fa9220a87593 gdk-pixbuf2-modules-debuginfo-2.42.6-5.el9_4.1.i686.rpm SHA-256: 91d294c0d1bb5e208f93132fcf8ab58d50c1cd515dae77661a73eab70dbdad05 gdk-pixbuf2-modules-debuginfo-2.42.6-5.el9_4.1.x86_64.rpm SHA-256: 2587b2b5625297186acd6248c3a62d0e92e9ce870b322add5aec2797ec319eaf gdk-pixbuf2-tests-debuginfo-2.42.6-5.el9_4.1.i686.rpm SHA-256: d3eae8fc5b8e9b81ed64e64f59de05786d75097b2dd1664a566f0a47da1e3149 gdk-pixbuf2-tests-debuginfo-2.42.6-5.el9_4.1.x86_64.rpm SHA-256: 58287d8de14ba710e35d5ce19b0082a8d850f759a5edfc9861998e03768fe3c2 Red Hat Enterprise Linux Server - AUS 9.4 SRPM gdk-pixbuf2-2.42.6-5.el9_4.1.src.rpm SHA-256: 4ad6ae2d72a7677ebdae88faf7467044411a4ee58ddb236d9a856f1ad9b43db1 x86_64 gdk-pixbuf2-2.42.6-5.el9_4.1.i686.rpm SHA-256: 604e065ae66cd7874930df0fec2ca5aa11d5a55cf8a5fe23346b0259d128476e gdk-pixbuf2-2.42.6-5.el9_4.1.x86_64.rpm SHA-256: f449afe432b77dd6d0d4affc8c70b6d8ea22fe0ec2a16d6939c463961e7dc67a gdk-pixbuf2-debuginfo-2.42.6-5.el9_4.1.i686.rpm SHA-256: f2f6bf64f5f880ff3ba4ab42659945f2e168bb9b8856d787e2a0f14d294c4472 gdk-pixbuf2-debuginfo-2.42.6-5.el9_4.1.x86_64.rpm SHA-256: 3acd858e1321edddb5d75e8b5ac31e6a86287f2941d99e0fbd10f8dd23a98371 gdk-pixbuf2-debugsource-2.42.6-5.el9_4.1.i686.rpm SHA-256: 354c88e038666a914ad84bb3243d5f483db62a817f6573ab5fe27cf2f38e1417 gdk-pixbuf2-debugsource-2.42.6-5.el9_4.1.x86_64.rpm SHA-256: 9d411d87fea3ff3febe9c2579cf58a309308aa057f0f4cf1c332b5c60b7c8297 gdk-pixbuf2-devel-2.42.6-5.el9_4.1.i686.rpm SHA-256: b16e5fb2f232cc27105bca774f2e148251e53e2f0e3a5c64ab3be85e2b420a72 gdk-pixbuf2-devel-2.42.6-5.el9_4.1.x86_64.rpm SHA-256: a263a59c2843e6ed587c9e90b819aac7701509bd5480d827320c1103575ff02a gdk-pixbuf2-devel-debuginfo-2.42.6-5.el9_4.1.i686.rpm SHA-256: b324c2072bf85525f3a267ed777f66673258ec7807c49a879f729c7eaa563229 gdk-pixbuf2-devel-debuginfo-2.42.6-5.el9_4.1.x86_64.rpm SHA-256: 1c341338caedd80c7b543e275c25e7a3baecf0e54168879d2ccb2f80d66f0aa4 gdk-pixbuf2-modules-2.42.6-5.el9_4.1.i686.rpm SHA-256: 772653b86c54216feb955b2b266777cd0a944a0491c437b0990b7203de681151 gdk-pixbuf2-modules-2.42.6-5.el9_4.1.x86_64.rpm SHA-256: 3bd0c5af6e4237eac70ead4a1063b3bc6102ddbac32640ff4310fa9220a87593 gdk-pixbuf2-modules-debuginfo-2.42.6-5.el9_4.1.i686.rpm SHA-256: 91d294c0d1bb5e208f93132fcf8ab58d50c1cd515dae77661a73eab70dbdad05 gdk-pixbuf2-modules-debuginfo-2.42.6-5.el9_4.1.x86_64.rpm SHA-256: 2587b2b5625297186acd6248c3a62d0e92e9ce870b322add5aec2797ec319eaf gdk-pixbuf2-tests-debuginfo-2.42.6-5.el9_4.1.i686.rpm SHA-256: d3eae8fc5b8e9b81ed64e64f59de05786d75097b2dd1664a566f0a47da1e3149 gdk-pixbuf2-tests-debuginfo-2.42.6-5.el9_4.1.x86_64.rpm SHA-256: 58287d8de14ba710e35d5ce19b0082a8d850f759a5edfc9861998e03768fe3c2 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 SRPM gdk-pixbuf2-2.42.6-5.el9_4.1.src.rpm SHA-256: 4ad6ae2d72a7677ebdae88faf7467044411a4ee58ddb236d9a856f1ad9b43db1 s390x gdk-pixbuf2-2.42.6-5.el9_4.1.s390x.rpm SHA-256: 4a85dc2eaf82f2fe7f255aca6fc08da70907f209d5c480d3fa02e00948fac22a gdk-pixbuf2-debuginfo-2.42.6-5.el9_4.1.s390x.rpm SHA-256: a2d38c988e626f8f33dc078d2b392b58cab3ff0319c8f0fc8879a1ed7c2764f8 gdk-pixbuf2-debugsource-2.42.6-5.el9_4.1.s390x.rpm SHA-256: 9c501177e8f57c2b961bd08be592efec877bfd457d81f96d61f46fc9d6a5b44f gdk-pixbuf2-devel-2.42.6-5.el9_4.1.s390x.rpm SHA-256: 8a7ce8d43f3c07c2290ce45d6e859119ee73ab8e8af528d59d029c00ab3962df gdk-pixbuf2-devel-debuginfo-2.42.6-5.el9_4.1.s390x.rpm SHA-256: 5243081f97340fb6f023342e2dea73a87d363c2a447a8993941111e04d368126 gdk-pixbuf2-modules-2.42.6-5.el9_4.1.s390x.rpm SHA-256: 22e17aeefb6bae194d300b85870a5d9b6a1663a6c53668642efda7bc7249bbce gdk-pixbuf2-modules-debuginfo-2.42.6-5.el9_4.1.s390x.rpm SHA-256: ce149c7c63209a0e4d4cedc5e1ed944380fdb2caf662f510620daf11659fd1e1 gdk-pixbuf2-tests-debuginfo-2.42.6-5.el9_4.1.s390x.rpm SHA-256: e81a8cebef48aeca7f37b0a06e3854143748bd4eab00452d3aa85313698061ce Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 SRPM gdk-pixbuf2-2.42.6-5.el9_4.1.src.rpm SHA-256: 4ad6ae2d72a7677ebdae88faf7467044411a4ee58ddb236d9a856f1ad9b43db1 ppc64le gdk-pixbuf2-2.42.6-5.el9_4.1.ppc64le.rpm SHA-256: 887f1af38e5fa92af12b3945dcd7d6724647c0583e094f947da0ebd68ac31e21 gdk-pixbuf2-debuginfo-2.42.6-5.el9_4.1.ppc64le.rpm SHA-256: f3dcaa66393387c2db85d4944c9c2e1bbdad499146d847675cf90e8f45eeb347 gdk-pixbuf2-debugsource-2.42.6-5.el9_4.1.ppc64le.rpm SHA-256: ad1b65b3dd9ba35dc282853ef3d6801c8f875123146a3b49e2bb348d201fd4b3 gdk-pixbuf2-devel-2.42.6-5.el9_4.1.ppc64le.rpm SHA-256: 5ca9932a5578dc3c5564ef7762928e24ebaa153fad104a5b1b7bd3bd3314e085 gdk-pixbuf2-devel-debuginfo-2.42.6-5.el9_4.1.ppc64le.rpm SHA-256: 7d40083c740d4814f866fa10880c56cf4787587152682c734412b8eeb7e6a812 gdk-pixbuf2-modules-2.42.6-5.el9_4.1.ppc64le.rpm SHA-256: 4998070cae8dd6b099f8f092fe0244bdc8350071851454890c110028462f4617 gdk-pixbuf2-modules-debuginfo-2.42.6-5.el9_4.1.ppc64le.rpm SHA-256: 30284415445167ea6da549b659fe5b5ab67144b225bd86f224df0e851d891e64 gdk-pixbuf2-tests-debuginfo-2.42.6-5.el9_4.1.ppc64le.rpm SHA-256: 53368df2a5e69ac493d6fce53870cdd0e9f8e63efc246c1f7372eba03c362944 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 SRPM gdk-pixbuf2-2.42.6-5.el9_4.1.src.rpm SHA-256: 4ad6ae2d72a7677ebdae88faf7467044411a4ee58ddb236d9a856f1ad9b43db1 aarch64 gdk-pixbuf2-2.42.6-5.el9_4.1.aarch64.rpm SHA-256: affad82da8be8e558c6c350039f77cfa5ed60a4d7c56c64dcb8c5ca09fffb40f gdk-pixbuf2-debuginfo-2.42.6-5.el9_4.1.aarch64.rpm SHA-256: 2b84965c0f95c320ec5a839e8164428a62303483c5bd7be069991236915155b5 gdk-pixbuf2-debugsource-2.42.6-5.el9_4.1.aarch64.rpm SHA-256: 50463715495ba04f8aa731