A graph based image processing framework
Backport upstream fix for CVE-2026-2050 (ZDI-CAN-28266) to
gegl 0.2.0. The new patch (gegl-0.2.0-CVE-2026-2050.patch)
adds a buffer overflow guard in rgbe_read_new_rle() in
libs/rgbe/rgbe.c to ensure the run length does not exceed
remaining buffer capacity before writing.
CVE: CVE-2026-2050
Upstream patches:
-
|
||
|---|---|---|
| .gitignore | ||
| 0001-matting-levin-Fix-the-build-with-recent-suitesparse-.patch | ||
| gating.yaml | ||
| gegl-0.2.0-CVE-2012-4433.patch | ||
| gegl-0.2.0-CVE-2026-2050.patch | ||
| gegl-0.2.0-libopenraw.patch | ||
| gegl-0.2.0-linker-flags.patch | ||
| gegl-0.2.0-lua-5.2.patch | ||
| gegl-0.2.0-ppc64-rand-fix.patch | ||
| gegl-0.2.0-remove-src-over-op.patch | ||
| gegl-build-without-exiv2.patch | ||
| gegl.spec | ||
| sources | ||