-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4568-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb May 06, 2026 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : lcms2 Version : 2.8-4+deb9u2 CVE ID : CVE-2026-41254 Debian Bug : 1134335 It was discovered that there was an integer overflow vulnerability in lcms2, aka Little CMS. For Debian 11 bullseye, this problem has been fixed in version 2.8-4+deb9u2. We recommend that you upgrade your lcms2 packages. For the detailed security status of lcms2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/lcms2 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmn7kE0ACgkQHpU+J9Qx HljNeRAAlQf6/7Q6OW/TIFm6NyJL46qpn1tAK6P8B9/i5HW9YbI18iECo4RiBnPS SX4HubAQkEc3bQjfDhIfUxNOII5/xg/xCnnFLC+6P5xANYPK1igBzG2INmVXYHgG Gp507TCd5RQWtaZy7NyFNz+GHexmWN6CCXL0RJZt8Yeb8+yZU46utrU56UrbeEFD VYfNJmzQ/TenHM2kn8Mgs16mca9trBgIccuQ2/x25mrWcgU+PXCLqeGTJOBoDtOj +HEMu4azDqN8lb3jfECqG7FyxGZQ73jHq0KzHPPLhmGVZ9Irkubo2dK/Nh/8zAg3 dBncmq8in4qCKcCnjvqiJZbuQpA/n4EFvGzAAScAf5sOtrpJR+n1D3nReIupgTU5 hehZ2n8Wnoc8osr5JIWXpZMVKhaI7A6FUi/A1VtXnmGuLDxoh/QwflOmobDxYrM+ 2nv8NJdbG+7LU6xbQ8H+Uju+KQVgP71XWxCxR3Kg/emWXqGyClUq+cOcgxfuoq3S jvoR+R/fupCjbn47gfaK8q0o3oUDeATeNpbS6+lMmJTq2DesjI+iD7A5Nwbl3/8/ 5mCjv3DjzAvdMvD5RXbCWTTTPi9JEXF5b+Xx6ZmtcCc0Qr/QN/Hxu5T9H/zbNX8e 2gVvedSq8FMgWlDc5e4chvAU8rwGuqioVg9cGxISotdUQgJM38k= =sQtE -----END PGP SIGNATURE-----
