An update for libgphoto2 is now available for openEuler-24.03-LTS-SP1,openEuler-24.03-LTS-SP3,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP4 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2026-2785 Final 1.0 1.0 2026-06-24 Initial 2026-06-24 2026-06-24 openEuler SA Tool V1.0 2026-06-24 libgphoto2 security update An update for libgphoto2 is now available for openEuler-24.03-LTS-SP1,openEuler-24.03-LTS-SP3,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP4 is the core of gphoto2 software. It is a portable library which gives access to literally hundreds of digital cameras. Security Fix(es): libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, two functions in camlibs/ptp2/ptp-pack.c accept a data pointer but no length parameter, performing unbounded reads. Their callers in ptp_unpack_EOS_events() have xsize available but never pass it, leaving both functions unable to validate reads against the actual buffer boundary. Commit 1817ecead20c2aafa7549dac9619fe38f47b2f53 patches the issue.(CVE-2026-40333) libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have a memory leak in `ptp_unpack_Sony_DPD()` in `camlibs/ptp2/ptp-pack.c` (lines 884–885). When processing a secondary enumeration list (introduced in 2024+ Sony cameras), the function overwrites dpd->FORM.Enum.SupportedValue with a new calloc() without freeing the previous allocation from line 857. The original array and any string values it contains are leaked on every property descriptor parse. Commit 404ff02c75f3cb280196fc260a63c4d26cf1a8f6 fixes the issue.(CVE-2026-40336) An update for libgphoto2 is now available for master/openEuler-20.03-LTS-SP4/openEuler-22.03-LTS-SP4/openEuler-24.03-LTS/openEuler-24.03-LTS-Next/openEuler-24.03-LTS-SP1/openEuler-24.03-LTS-SP2/openEuler-24.03-LTS-SP3/openEuler-24.03-LTS-SP4. openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Medium libgphoto2 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2785 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-40333 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-40336 https://nvd.nist.gov/vuln/detail/CVE-2026-40333 https://nvd.nist.gov/vuln/detail/CVE-2026-40336 openEuler-24.03-LTS-SP1 openEuler-24.03-LTS-SP3 openEuler-20.03-LTS-SP4 openEuler-22.03-LTS-SP4 libgphoto2-2.5.34-1.oe2403sp1.aarch64.rpm libgphoto2-debuginfo-2.5.34-1.oe2403sp1.aarch64.rpm libgphoto2-debugsource-2.5.34-1.oe2403sp1.aarch64.rpm libgphoto2-devel-2.5.34-1.oe2403sp1.aarch64.rpm libgphoto2-2.5.34-1.oe2403sp3.aarch64.rpm libgphoto2-debuginfo-2.5.34-1.oe2403sp3.aarch64.rpm libgphoto2-debugsource-2.5.34-1.oe2403sp3.aarch64.rpm libgphoto2-devel-2.5.34-1.oe2403sp3.aarch64.rpm libgphoto2-2.5.34-1.oe2003sp4.aarch64.rpm libgphoto2-debuginfo-2.5.34-1.oe2003sp4.aarch64.rpm libgphoto2-debugsource-2.5.34-1.oe2003sp4.aarch64.rpm libgphoto2-devel-2.5.34-1.oe2003sp4.aarch64.rpm libgphoto2-2.5.34-1.oe2203sp4.aarch64.rpm libgphoto2-debuginfo-2.5.34-1.oe2203sp4.aarch64.rpm libgphoto2-debugsource-2.5.34-1.oe2203sp4.aarch64.rpm libgphoto2-devel-2.5.34-1.oe2203sp4.aarch64.rpm libgphoto2-2.5.34-1.oe2403sp1.src.rpm libgphoto2-2.5.34-1.oe2403sp3.src.rpm libgphoto2-2.5.34-1.oe2003sp4.src.rpm libgphoto2-2.5.34-1.oe2203sp4.src.rpm libgphoto2-2.5.34-1.oe2403sp1.x86_64.rpm libgphoto2-debuginfo-2.5.34-1.oe2403sp1.x86_64.rpm libgphoto2-debugsource-2.5.34-1.oe2403sp1.x86_64.rpm libgphoto2-devel-2.5.34-1.oe2403sp1.x86_64.rpm libgphoto2-2.5.34-1.oe2403sp3.x86_64.rpm libgphoto2-debuginfo-2.5.34-1.oe2403sp3.x86_64.rpm libgphoto2-debugsource-2.5.34-1.oe2403sp3.x86_64.rpm libgphoto2-devel-2.5.34-1.oe2403sp3.x86_64.rpm libgphoto2-2.5.34-1.oe2003sp4.x86_64.rpm libgphoto2-debuginfo-2.5.34-1.oe2003sp4.x86_64.rpm libgphoto2-debugsource-2.5.34-1.oe2003sp4.x86_64.rpm libgphoto2-devel-2.5.34-1.oe2003sp4.x86_64.rpm libgphoto2-2.5.34-1.oe2203sp4.x86_64.rpm libgphoto2-debuginfo-2.5.34-1.oe2203sp4.x86_64.rpm libgphoto2-debugsource-2.5.34-1.oe2203sp4.x86_64.rpm libgphoto2-devel-2.5.34-1.oe2203sp4.x86_64.rpm libgphoto2-help-2.5.34-1.oe2403sp1.noarch.rpm libgphoto2-help-2.5.34-1.oe2403sp3.noarch.rpm libgphoto2-help-2.5.34-1.oe2003sp4.noarch.rpm libgphoto2-help-2.5.34-1.oe2203sp4.noarch.rpm libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, two functions in camlibs/ptp2/ptp-pack.c accept a data pointer but no length parameter, performing unbounded reads. Their callers in ptp_unpack_EOS_events() have xsize available but never pass it, leaving both functions unable to validate reads against the actual buffer boundary. Commit 1817ecead20c2aafa7549dac9619fe38f47b2f53 patches the issue. 2026-06-24 CVE-2026-40333 openEuler-24.03-LTS-SP1 openEuler-24.03-LTS-SP3 openEuler-20.03-LTS-SP4 openEuler-22.03-LTS-SP4 Medium 6.1 AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H libgphoto2 security update 2026-06-24 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2785 libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have a memory leak in `ptp_unpack_Sony_DPD()` in `camlibs/ptp2/ptp-pack.c` (lines 884–885). When processing a secondary enumeration list (introduced in 2024+ Sony cameras), the function overwrites dpd->FORM.Enum.SupportedValue with a new calloc() without freeing the previous allocation from line 857. The original array and any string values it contains are leaked on every property descriptor parse. Commit 404ff02c75f3cb280196fc260a63c4d26cf1a8f6 fixes the issue. 2026-06-24 CVE-2026-40336 openEuler-24.03-LTS-SP1 openEuler-24.03-LTS-SP3 openEuler-20.03-LTS-SP4 openEuler-22.03-LTS-SP4 Low 2.4 AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L libgphoto2 security update 2026-06-24 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2785