Opened 5 years ago

Closed 5 years ago

#11477 closed enhancement (fixed)

LibRaw-0.19.2

Reported by: Douglas R. Reno Owned by: Bruce Dubbs
Priority: normal Milestone: 8.4
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

New point version

Change History (3)

comment:1 by Bruce Dubbs, 5 years ago

Owner: changed from blfs-book to Bruce Dubbs
Status: newassigned

comment:2 by Bruce Dubbs, 5 years ago

LibRaw 0.19.2

2018-12-24

  • Fixed possible buffer overrun at Fuji makernotes parser
  • Fixed possible write to NULL pointer at raw2image/raw2image_ex calls. Details:
    • Three different CVE numbers was assigned for single problem: CVE-2018-20363, CVE-2018-20364, CVE-2018-20365
    • The POCs exploits inconsistency in Sinar-4Shot files handling. LibRaw 0.19 does not support this files format, so it is not subject of exactly same problem
    • However, additional checks for bayer raw data presence are backported from LibRaw-master (development) branch.

comment:3 by Bruce Dubbs, 5 years ago

Resolution: fixed
Status: assignedclosed

Fixed at revision 20917.

Note: See TracTickets for help on using tickets.