Package: vips / 8.18.0-3

Metadata

Package Version Patches format
vips 8.18.0-3 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
CVE 2026 2913.patch | (download)

ChangeLog | 5 5 + 0 - 0 !
libvips/iofuncs/source.c | 16 14 + 2 - 0 !
2 files changed, 19 insertions(+), 2 deletions(-)

 
 [patch] source: guard against length truncation (#4858)

GByteArray stores its length as guint, while libvips uses a 64-bit
length. Passing values larger than UINT_MAX could silently truncate
the length. Add checks to prevent overflow.

Resolves: #4857.
CVE 2026 3283_CVE 2026 3284.patch | (download)

ChangeLog | 1 1 + 0 - 0 !
libvips/conversion/extract.c | 6 3 + 3 - 0 !
2 files changed, 4 insertions(+), 3 deletions(-)

 
 [patch] extract: check bounds using unsigned arith #4879 #4880
 (#4887)
CVE 2026 3145_CVE 2026 3146.patch | (download)

ChangeLog | 1 1 + 0 - 0 !
libvips/foreign/matrixload.c | 17 10 + 7 - 0 !
2 files changed, 11 insertions(+), 7 deletions(-)

 
 [patch] matrixload: guard against empty and very large inputs (#4888)

Also ensure consistent matrixload error message prefix
CVE 2026 3282.patch | (download)

ChangeLog | 1 1 + 0 - 0 !
libvips/conversion/unpremultiply.c | 4 4 + 0 - 0 !
2 files changed, 5 insertions(+)

 
 [patch] unpremultiply: check alpha_band is in range #4881 (#4886)
CVE 2026 3147.patch | (download)

ChangeLog | 1 1 + 0 - 0 !
libvips/foreign/csvload.c | 7 7 + 0 - 0 !
2 files changed, 8 insertions(+)

 
 [patch] csvload: check whitespace and separator are ascii (#4894)
CVE 2026 3281.patch | (download)

ChangeLog | 1 1 + 0 - 0 !
libvips/conversion/bandrank.c | 4 4 + 0 - 0 !
2 files changed, 5 insertions(+)

 
 [patch] bandrank: check index is in range #4878 (#4895)