[ubuntu/trusty-updates] libraw 0.15.4-1ubuntu0.1 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed Nov 22 21:28:09 UTC 2017
libraw (0.15.4-1ubuntu0.1) trusty-security; urgency=medium
* SECURITY UPDATE: integer overflow in ljpeg_start
- debian/patches/CVE-2015-3885.patch: use ushort in dcraw/dcraw.c,
internal/dcraw_common.cpp.
- CVE-2015-3885
* SECURITY UPDATE: index overflow and lack of initialization
- debian/patches/CVE-2015-836x.patch: add checks to dcraw/dcraw.c,
internal/dcraw_common.cpp, add proper initialization to
src/libraw_cxx.cpp.
- CVE-2015-8366
- CVE-2015-8367
* SECURITY UPDATE: memory corruption in parse_tiff_ifd
- debian/patches/CVE-2017-688x.patch: add checks to dcraw/dcraw.c,
internal/dcraw_common.cpp.
- CVE-2017-6886
- CVE-2017-6887
* SECURITY UPDATE: floating point exception in kodak_radc_load_raw
- debian/patches/CVE-2017-13735.patch: add checks to dcraw/dcraw.c,
internal/dcraw_common.cpp.
- CVE-2017-13735
* SECURITY UPDATE: buffer overflow in xtrans_interpolate
- debian/patches/CVE-2017-14265.patch: add checks to dcraw/dcraw.c.
- CVE-2017-14265
* SECURITY UPDATE: out of bounds read in kodak_65000_load_raw
- debian/patches/CVE-2017-14608.patch: add checks to dcraw/dcraw.c,
internal/dcraw_common.cpp.
- CVE-2017-14608
Date: 2017-11-16 19:55:54.897708+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/libraw/0.15.4-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list