SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-648

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-648

Security update for libjxl

Type: security

Severity: important

Issued: 2026-02-25

Description:

This update for libjxl fixes the following issues:

- CVE-2025-12474: a specially crafted file can cause the decoder to read pixel data from uninitialized allocated memory
  (bsc#1258090).
- CVE-2026-1837: a specially crafted file can cause the decoder to write pixel data to uninitialized unallocated memory
  (bsc#1258091).

References

Packages

libjxl-0.10.3-150700.4.6.1