A graph based image processing framework
Go to file
RHEL Packaging Agent 8d06d3882a Fix CVE-2026-2050: buffer overflow in rgbe_read_new_rle()
Backport upstream fix for CVE-2026-2050 (ZDI-CAN-28266) to
gegl 0.2.0. The new patch (gegl-0.2.0-CVE-2026-2050.patch)
adds a buffer overflow guard in rgbe_read_new_rle() in
libs/rgbe/rgbe.c to ensure the run length does not exceed
remaining buffer capacity before writing.

CVE: CVE-2026-2050
Upstream patches:
 - d32f1badb4.patch
Resolves: RHEL-188260

This commit was backported by Ymir, a Red Hat Enterprise Linux software maintenance AI agent.

Assisted-by: Ymir
2026-06-25 09:01:52 +00:00
.gitignore Import rpm: c8s 2023-02-27 13:14:47 -05:00
0001-matting-levin-Fix-the-build-with-recent-suitesparse-.patch Import rpm: c8s 2023-02-27 13:14:47 -05:00
gating.yaml Bring gating.yaml over from Brew dist-git 2023-03-10 10:38:52 -08:00
gegl-0.2.0-CVE-2012-4433.patch Import rpm: c8s 2023-02-27 13:14:47 -05:00
gegl-0.2.0-CVE-2026-2050.patch Fix CVE-2026-2050: buffer overflow in rgbe_read_new_rle() 2026-06-25 09:01:52 +00:00
gegl-0.2.0-libopenraw.patch Import rpm: c8s 2023-02-27 13:14:47 -05:00
gegl-0.2.0-linker-flags.patch Import rpm: c8s 2023-02-27 13:14:47 -05:00
gegl-0.2.0-lua-5.2.patch Import rpm: c8s 2023-02-27 13:14:47 -05:00
gegl-0.2.0-ppc64-rand-fix.patch Import rpm: c8s 2023-02-27 13:14:47 -05:00
gegl-0.2.0-remove-src-over-op.patch Import rpm: c8s 2023-02-27 13:14:47 -05:00
gegl-build-without-exiv2.patch Import rpm: c8s 2023-02-27 13:14:47 -05:00
gegl.spec Fix CVE-2026-2050: buffer overflow in rgbe_read_new_rle() 2026-06-25 09:01:52 +00:00
sources Import rpm: c8s 2023-02-27 13:14:47 -05:00