Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 510
Alerts This Week
Warning Icon 1 510

Fedora: 2015-a288773b9a Moderate: LibRaw Memory Initialization Problems

fedora
Calendar Grey December 12, 2015
Dist Fedora Esm H88
LibRaw patches address memory clearance and bound overflow issues in RAW file processing for Fedora systems.
Patch for CVE-2015-8366, CVE-2015-8367

Summary

LibRaw is a library for reading RAW files obtained from digital photo

cameras (CRW/CR2, NEF, RAF, DNG, and others).

LibRaw is based on the source codes of the dcraw utility, where part of

drawbacks have already been eliminated and part will be fixed in future.

Update Information:

Patch for CVE-2015-8366, CVE-2015-8367

Change Log

References


[ 1 ] Bug #1287077 - CVE-2015-8367 LibRaw: Memory objects are not intialized properly [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1287077 [ 2 ] Bug #1287057 - CVE-2015-8366 LibRaw: Index overflow in smal_decode_segment [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1287057

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update LibRaw' at the command line. For more information, refer to "Managing Software with yum", available at .

Name: LibRaw
Product: Fedora 22
Version: 0.16.2
Release: 3.fc22
Summary: Library for reading RAW files obtained from digital photo cameras

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.