[ubuntu/kinetic-security] libraw 0.20.2-2ubuntu2.22.10.1 (Accepted)

[Marc Deslauriers]

libraw (0.20.2-2ubuntu2.22.10.1) kinetic-security; urgency=medium

  * SECURITY UPDATE: denial of service via buffer overflow
    - debian/patches/CVE-2021-32142.patch: check for input buffer size on
      datastream::gets in src/libraw_datastream.cpp.
    - CVE-2021-32142
  * SECURITY UPDATE: heap-buffer-overflow in raw2image_ex()
    - debian/patches/CVE-2023-1729.patch: do not set shrink flag for 3/4
      component images in src/preprocessing/raw2image.cpp.
    - CVE-2023-1729

Date: 2023-06-01 18:25:11.043472+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/libraw/0.20.2-2ubuntu2.22.10.1
-------------- next part --------------
Sorry, changesfile not available.