GeGL Image Processing Software: Heap Buffer Overflow Risk
SUSE-SU-2026:1496-1
Summary
A security update for GeGL fixes a heap buffer overflow that can occur when parsing HDR image files, caused by improper validation of the length of user-supplied data. This could potentially allow an attacker to execute malicious code. Users should update to the latest version to ensure their system remains secure.
What to do
- Update gegl to version 0.3.34-150000.3.9.1.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| SUSE:Linux Enterprise Workstation Extension 15 SP7 | – | gegl | < 0.3.34-150000.3.9.1 (fix: upgrade to 0.3.34-150000.3.9.1) |
Original title
Security update for gegl
Original description
This update for gegl fixes the following issues:
- CVE-2026-2049: improper validation of the length of user-supplied data when parsing HDR files can lead to a heap buffer overflow (bsc#1259749).
- https://www.suse.com/support/update/announcement/2026/suse-su-20261496-1/ Vendor Advisory
- https://bugzilla.suse.com/1259749 Third Party Advisory
- https://www.suse.com/security/cve/CVE-2026-2049 URL
Published: 20 Apr 2026 · Updated: 22 Apr 2026 · First seen: 22 Apr 2026