{"id":"MGASA-2026-0171","summary":"Updated libcaca packages fix security vulnerability","details":"Heap OOB write in canvas import functions caused by int overflow.\n(CVE-2026-42046)\n","modified":"2026-06-02T05:30:05.309393351Z","published":"2026-06-02T05:23:04Z","upstream":["CVE-2026-42046"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2026-0171.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=35600"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-8318-1"},{"type":"ADVISORY","url":"https://github.com/cacalabs/libcaca/security/advisories/GHSA-4vvg-vrqv-m56w"},{"type":"REPORT","url":"https://github.com/cacalabs/libcaca/issues/86"}],"affected":[{"package":{"name":"libcaca","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/libcaca?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.99-0.beta19.11.1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2026-0171.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}