Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
libcaca: Data can be written outside memory limits
MGASA-2026-0171
Summary
The libcaca library, used in some graphics applications, has a security issue that could allow an attacker to write data outside the intended memory limits. This could potentially be exploited by malicious code. Users of libcaca should update to the latest version to fix this issue.
What to do
- Update libcaca to version 0.99-0.beta19.11.1.mga9.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Mageia:9 | – | libcaca |
< 0.99-0.beta19.11.1.mga9 Fix: upgrade to 0.99-0.beta19.11.1.mga9
|
Original title
Updated libcaca packages fix security vulnerability
Original description
Heap OOB write in canvas import functions caused by int overflow.
(CVE-2026-42046)
(CVE-2026-42046)
- https://advisories.mageia.org/MGASA-2026-0171.html Vendor Advisory
- https://bugs.mageia.org/show_bug.cgi?id=35600 Third Party Advisory
- https://ubuntu.com/security/notices/USN-8318-1 Vendor Advisory
- https://github.com/cacalabs/libcaca/security/advisories/GHSA-4vvg-vrqv-m56w Vendor Advisory
- https://github.com/cacalabs/libcaca/issues/86 Third Party Advisory
Published: 2 Jun 2026 · Updated: 2 Jun 2026 · First seen: 2 Jun 2026