ALT-PU-2024-5975-1

Package update vips in branch sisyphus

Version8.15.1-alt1

Published2024-04-05

Max severityMEDIUM

Severity:

Closed issues (1)

MEDIUM5.5

libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versions 8.14.3 or earlier to segfault when attempting to parse a malformed UTF-8 character. Users should upgrade to libvips version 8.14.4 (or later) when processing untrusted input.

Published: 2023-09-11Modified: 2025-04-21

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References