[ubuntu/bionic-security] libraw 0.18.8-1ubuntu0.2 (Accepted)

Alex Murray alex.murray at canonical.com
Thu Dec 6 02:33:43 UTC 2018


libraw (0.18.8-1ubuntu0.2) bionic-security; urgency=medium

  * SECURITY UPDATE: Multiple memory management issues
    - debian/patches/CVE-2018-5807_5810_5811_5812.patch: out-of-bounds
      reads, heap-based buffer overflow and NULL pointer dereference in
      internal/dcraw_common.cpp
    - CVE-2018-5807
    - CVE-2018-5810
    - CVE-2018-5811
    - CVE-2018-5812
  * SECURITY UPDATE: Infinite loop
    - debian/patches/CVE-2018-5813.patch: infinite loop in dcraw/dcraw.c
      and internal/dcraw_common.cpp
    - CVE-2018-5813
  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2018-5815.patch: integer overflow in
      internal/dcraw_common.cpp
    - CVE-2018-5815
  * SECURITY UPDATE: Divide by zero
    - debian/patches/CVE-2018-5816.patch: divide by zero in
      internal/dcraw_common.cpp
    - CVE-2018-5816

Date: 2018-12-06 01:31:12.148310+00:00
Changed-By: Alex Murray <alex.murray at canonical.com>
https://launchpad.net/ubuntu/+source/libraw/0.18.8-1ubuntu0.2
-------------- next part --------------
Sorry, changesfile not available.


More information about the Bionic-changes mailing list