[ubuntu/jammy-updates] libraw 0.20.2-2ubuntu2.22.04.1 (Accepted)

[Ubuntu Archive Robot]

libraw (0.20.2-2ubuntu2.22.04.1) jammy-security; urgency=medium

  * SECURITY UPDATE: denial of service via buffer overflow
    - debian/patches/CVE-2021-32142.patch: check for input buffer size on
      datastream::gets in src/libraw_datastream.cpp.
    - CVE-2021-32142
  * SECURITY UPDATE: heap-buffer-overflow in raw2image_ex()
    - debian/patches/CVE-2023-1729.patch: do not set shrink flag for 3/4
      component images in src/preprocessing/raw2image.cpp.
    - CVE-2023-1729

Date: 2023-06-01 18:25:07.213328+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/libraw/0.20.2-2ubuntu2.22.04.1
-------------- next part --------------
Sorry, changesfile not available.