ALSA-2026:13284

[ALSA-2026:13284] Important: LibRaw security update

Type:

security

Severity:

important

Release date:

2026-05-05

Description:

LibRaw is a library for reading RAW files obtained from digital photo cameras (CRW/CR2, NEF, RAF, DNG, and others).  

Security Fix(es):  

  * LibRaw: LibRaw: Memory Corruption via Malicious File Processing (CVE-2026-24660)
  * LibRaw: LibRaw: Arbitrary code execution via heap-based buffer overflow in lossless JPEG loading (CVE-2026-21413)
  * LibRaw: LibRaw: Arbitrary code execution via specially crafted image file (CVE-2026-20889)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
i686	LibRaw-devel-0.19.5-6.el8_10.i686.rpm	097c166e5e75fa37c24bcaa1d91cc3700d823f044ae4d18a77e2e0b1560c8a05
i686	LibRaw-0.19.5-6.el8_10.i686.rpm	48f532933dd5ee723cad450c77395f2ab55cb53c4120089f0e9f118ca98759a9
ppc64le	LibRaw-devel-0.19.5-6.el8_10.ppc64le.rpm	2105eaf1fb83985b7a5b584a701ce616b47754ab6100c1f3fb1549538a2f9ab0
ppc64le	LibRaw-0.19.5-6.el8_10.ppc64le.rpm	f75c9fb514065f9cd6378b6946ff7c34c465c353d0467e461dc24a4d1a673d71
x86_64	LibRaw-0.19.5-6.el8_10.x86_64.rpm	4a992f82f3d26f0e7264aa2b3c5b12018ee90b2fd8ee13ac0a52dbb898c020e6
x86_64	LibRaw-devel-0.19.5-6.el8_10.x86_64.rpm	d65fb9d6432cad52c76062cd07fc7d7d28538ab7b6539706fe2e9c417f03640e

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.