[ubuntu/trusty-security] libraw 0.15.4-1ubuntu0.1 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Wed Nov 22 18:22:53 UTC 2017

libraw (0.15.4-1ubuntu0.1) trusty-security; urgency=medium

  * SECURITY UPDATE: integer overflow in ljpeg_start
    - debian/patches/CVE-2015-3885.patch: use ushort in dcraw/dcraw.c,
    - CVE-2015-3885
  * SECURITY UPDATE: index overflow and lack of initialization
    - debian/patches/CVE-2015-836x.patch: add checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp, add proper initialization to
    - CVE-2015-8366
    - CVE-2015-8367
  * SECURITY UPDATE: memory corruption in parse_tiff_ifd
    - debian/patches/CVE-2017-688x.patch: add checks to dcraw/dcraw.c,
    - CVE-2017-6886
    - CVE-2017-6887
  * SECURITY UPDATE: floating point exception in kodak_radc_load_raw
    - debian/patches/CVE-2017-13735.patch: add checks to dcraw/dcraw.c,
    - CVE-2017-13735
  * SECURITY UPDATE: buffer overflow in xtrans_interpolate
    - debian/patches/CVE-2017-14265.patch: add checks to dcraw/dcraw.c.
    - CVE-2017-14265
  * SECURITY UPDATE: out of bounds read in kodak_65000_load_raw
    - debian/patches/CVE-2017-14608.patch: add checks to dcraw/dcraw.c,
    - CVE-2017-14608

Date: 2017-11-16 19:55:54.897708+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Trusty-changes mailing list