FEDORA-2017-90500f87f3

security update in Fedora 26 for LibRaw

Status: stable 2 years ago
Fix for possible buffer overrun in kodak_65000 decoder
Fix for possible heap overrun in Canon makernotes parser
Fix for CVE-2017-13735
CVE-2017-14265: Additional check for X-Trans CFA pattern data

Patch for CVE-2017-14348

Comments 9

This update has been submitted for testing by limb.

This update has obsoleted LibRaw-0.18.4-2.fc26, and has inherited its bugs and notes.

This update has been pushed to testing.

It works for me

karma: +1

OK no regression noted :) :)

karma: +1

no regressions noted

karma: +1

This update has been submitted for stable by bodhi.

works for me

karma: +1

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
medium
Karma
+4
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted 2 years ago
in testing 2 years ago
in stable 2 years ago

Related Bugs 3

00 #1488947 CVE-2017-13735 libraw: Floating point exception in kodak_radc_load_raw function in internal/dcraw_common.cpp [fedora-all]
00 #1492122 CVE-2017-14348 libraw: Heap-based 1 byte buffer over-write in processCanonCameraInfo function in internal/dcraw_common.cpp [fedora-all]
00 #1494522 LibRaw-0.18.5 is available

Automated Test Results