[ubuntu/bionic-security] libraw 0.18.8-1ubuntu0.3 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Tue May 21 12:41:51 UTC 2019

libraw (0.18.8-1ubuntu0.3) bionic-security; urgency=medium

  * SECURITY UPDATE: infinite loop issues
    - debian/patches/CVE-2018-581x.patch: add more checks to dcraw/dcraw.c,
    - CVE-2018-5817
    - CVE-2018-5818
    - CVE-2018-5819
  * SECURITY UPDATE: stack overflow in parse_makernote
    - debian/patches/CVE-2018-20337.patch: properly calculate length in
      dcraw/dcraw.c, internal/dcraw_common.cpp.
    - CVE-2018-20337
  * SECURITY UPDATE: NULL deref in LibRaw::raw2image
    - debian/patches/CVE-2018-20363.patch: add check in src/libraw_cxx.cpp.
    - CVE-2018-20363
  * SECURITY UPDATE: NULL deref in LibRaw::copy_bayer
    - debian/patches/CVE-2018-20364.patch: add check in src/libraw_cxx.cpp.
    - CVE-2018-20364
  * SECURITY UPDATE: heap overflow in LibRaw::raw2image()
    - debian/patches/CVE-2018-20365.patch: zero filters in dcraw/dcraw.c,
    - CVE-2018-20365

Date: 2019-05-17 18:14:13.933096+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Bionic-changes mailing list