Security News

Cybersecurity news aggregator

🐧
MEDIUM Updates Debian Security

DSA-6262-1 lcms2 - security update

cve-2026-41254cve-2026-42798debianlcms2
  • What: Security update for lcms2
  • Impact: Fixes integer overflows in the color management library
Read Full Article →

[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index] [SECURITY] [DSA 6262-1] lcms2 security update To: debian-security-announce@lists.debian.org Subject: [SECURITY] [DSA 6262-1] lcms2 security update From: Moritz Muehlenhoff <jmm@debian.org> Date: Sun, 10 May 2026 16:00:20 +0000 Message-id: <[🔎] agCrlE5UvMsA4YLE@seger.debian.org> Reply-to: debian-security-announce-request@lists.debian.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6262-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 10, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : lcms2 CVE ID : CVE-2026-41254 CVE-2026-42798 Two integer overflows were discovered in the LittleCMS 2 colour management library. For the oldstable distribution (bookworm), this problem has been fixed in version 2.14-2+deb12u1. For the stable distribution (trixie), this problem has been fixed in version 2.16-2+deb13u2. We recommend that you upgrade your lcms2 packages. For the detailed security status of lcms2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/lcms2 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmoAqlwACgkQEMKTtsN8 TjYH7g/9F6L8wuajS+U8gPJgapr1T8Z6P9yZIqa4oFDiQsQrMRsA2ZyFFNq/FgrS lVVTyGXGczHUukBWpbInPkGxBPnaw1ODJRQBI6YpS+xt9VXIGJpwkLa22rbsfiNr EpASxxccLQCl1tJyp70KxNQszHILMKMu5HhqXNOSzkDA4IcwiBwqZQEBSeYDFZPT IRjOwwZt3pu27Tuuh9aO3MwrFdt79++x/lfKYxQbfilqAMFfzzvlm3CP6uAp+wVu uAHMJC4m3kAIy1Ierln/zU4PhyhuUgsa7qHEFwCbfOcwd4YmYffwVf0R0KoiLfsk EBYolfhCa2zRv9lqN4P4lbFhY4cgL/bvNtnrkjITdtC741ddc9KghvqE6wrP+YVB CRURkmkxIz+4SG/0uijQw26JXnBi3Wwetbu4yb6IE2FWRH1rx5pBl0XtbQ8MfnTU p0s4LGn+OI/rOC6dNYWp/z/2IYU7D8cshUxhqVfwsF2UF0vAeDkJ5rNbZAJO5bKr P4a7r3n+2Y26P8EqbsELMgFMElWUo8xlBvJityfDx4TDxE8jN7+ShtQ5k1iiZtey NX6oKzqvRFpFBs8D3DY8RICjvOOUueQjc2F7UN1HJuQ4SFvHM04Zgw2z/DfXoREc SlEbsYifBrCM/UM3ZE2Rk75f0B40f8HDxXYnXn7fHIaUiBF5NfQ= =bqYK -----END PGP SIGNATURE----- Reply to: debian-security-announce@lists.debian.org Moritz Muehlenhoff (on-list) Moritz Muehlenhoff (off-list) Prev by Date: [SECURITY] [DSA 6261-1] corosync security update Next by Date: [SECURITY] [DSA 6263-1] libpng1.6 security update Previous by thread: [SECURITY] [DSA 6261-1] corosync security update Next by thread: [SECURITY] [DSA 6263-1] libpng1.6 security update Index(es): Date Thread

Related Articles

MEDIUM Multiples vulnérabilités dans les produits Microsoft (29 avril 2026) CERT-FR (ANSSI) INFO USN-8250-1: Little CMS vulnerability Ubuntu Security
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn