KDE Project Security Advisory
=============================

Title:           Skanpage: Files are not correctly overwritten
Risk Rating:     Low
CVE:             CVE-2025-55174
Versions:        skanpage < 25.08.0
Author:          Albert Astals Cid <aacid@kde.org>
Date:            11 August 2025

Overview
========

Skanpage is scanning application.

The code of the application was not correctly truncating files when
overwritting existing files.

Impact
======

If you overwrite a a large file, it is possible the resulting file would have the contents
of the new file at the beginning followed by partial contents of the old file at the end.

Workaround
==========

Do not overwrite files when saving in Skanpage.

Solution
========

Update to skanpage 25.08.0 or apply the following patch to 25.04.3
  https://commits.kde.org/skanpage/19308900da27b46739f2360426b91479e7179a2f

Credits
=======

Thanks to Jeff Robertson for reporting and fixing the issue.