Alerts This Week
Warning Icon 1 664
Alerts This Week
Warning Icon 1 664

Fedora 22: dcraw Update with Critical Buffer Overflow Fix

fedora
Calendar Grey June 6, 2015
Dist Fedora Esm H88
Addresses buffer overflow vulnerabilities in dcraw on Fedora 22 and advances to version 9.25.0 with enhanced image processing capabilities.
This update contains a fix for a bug which could cause dcraw write past array boundaries

Summary

This package contains dcraw, a command line tool to decode raw image data

downloaded from digital cameras.

Update Information:

This update contains a fix for a bug which could cause dcraw write past array boundaries.

Additionally, it updates dcraw to version 9,25.0 which contains updated color matrices and supports the Canon EOS 5DS.

Topics%20covered

Topics Covered

security advisory buffer overflow software update Fedora image processing dcraw

Change Log

* Wed May 20 2015 Nils Philippsen - 9.25.0-2 - add Provides: bundled(dcraw) - don't manually specify, clean buildroot * Wed May 20 2015 Nils Philippsen - 9.25.0-1 - version 9.25.0 - remove unnecessary check from CVE-2013-1438 patch - avoid writing past array boundaries when reading certain raw formats (CVE-2015-3885)

References


[ 1 ] Bug #1221249 - CVE-2015-3885 dcraw: input sanitization flaw leading to buffer overflow https://bugzilla.redhat.com/show_bug.cgi?id=1221249

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update dcraw' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: dcraw
Product: Fedora 22
Version: 9.25.0
Release: 2.fc22
URL: Summary : Tool for decoding raw image data from digital cameras

Topics%20covered

Topics Covered

security advisory buffer overflow software update Fedora image processing dcraw

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here