FEDORA-2017-f04296e37e — security update for LibRaw

stable

LibRaw-0.18.4-2.fc27

FEDORA-2017-f04296e37e created by limb 8 years ago for Fedora 27

Patch for CVE-2017-14348

Fix for possible heap overrun in Canon makernotes parser
Fix for CVE-2017-13735
CVE-2017-14265: Additional check for X-Trans CFA pattern data

LibRaw 0.18.3

Fix for CVE-2017-13735
Additional checks for X-Trans CFA pattern data

Patch for CVE-2017-13735.

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2017-f04296e37e

This update has been submitted for testing by limb.

8 years ago

This update has obsoleted LibRaw-0.18.4-1.fc27, and has inherited its bugs and notes.

8 years ago

This update has been pushed to testing.

8 years ago

pwalter commented & provided feedback 8 years ago

karma

Works

cserpentis commented & provided feedback 8 years ago

karma

works for me in a VM

This update has reached 3 days in testing and can be pushed to stable now if the maintainer wishes

8 years ago

This update has been submitted for stable by limb.

8 years ago

This update has been pushed to stable.

8 years ago

Please log in to add feedback.

Metadata

Type

security

Severity

medium

Karma

Signed

Content Type

RPM

Test Gating

None

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

disabled

Dates

submitted

8 years ago

in testing

8 years ago

in stable

8 years ago

Builds

LibRaw-0.18.4-2.fc27

BZ#1488947 CVE-2017-13735 libraw: Floating point exception in kodak_radc_load_raw function in internal/dcraw_common.cpp [fedora-all]

BZ#1490032 LibRaw-0.18.3 is available

BZ#1490877 LibRaw-0.18.4 is available

BZ#1492122 CVE-2017-14348 libraw: Heap-based 1 byte buffer over-write in processCanonCameraInfo function in internal/dcraw_common.cpp [fedora-all]

LibRaw-0.18.4-2.fc27

Automated Test Results

None