Fedora 22: ufraw Security Update

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-8699
2015-05-22 00:29:39
--------------------------------------------------------------------------------

Name        : ufraw
Product     : Fedora 22
Version     : 0.21
Release     : 1.fc22
URL         : https://ufraw.sourceforge.net
Summary     : Raw image data retrieval tool for digital cameras
Description :
UFRaw is a tool for opening raw format images of digital cameras.

--------------------------------------------------------------------------------
Update Information:

This update contains a fix for a bug which could cause dcraw write past array boundaries.

Additionally, it updates ufraw to version 0.21, an upstream bugfix release.
--------------------------------------------------------------------------------
ChangeLog:

* Thu May 21 2015 Nils Philippsen  - 0.21-1
- avoid writing past array boundaries when reading certain raw formats
  (CVE-2015-3885)
* Wed May 20 2015 Nils Philippsen  - 0.21-1
- version 0.21
- don't manually specify, clean buildroot
- add Provides: bundled(dcraw)
* Thu May 14 2015 Nils Philippsen  - 0.20-4
- rebuild for lensfun-0.3.1
* Wed May 13 2015 Nils Philippsen  - 0.20-3
- rebuild for lensfun-0.3.0
* Sat May  2 2015 Kalev Lember  - 0.20-2
- Rebuilt for GCC 5 C++11 ABI change
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1221249 - CVE-2015-3885 dcraw: input sanitization flaw leading to buffer overflow
        https://bugzilla.redhat.com/show_bug.cgi?id=1221249
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update ufraw' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

What Are You Looking For?

Fedora 22: ufraw Security Update

Summary

Change Log

References

Update Instructions

OpenSSL 3.2 Adds Support for TCP Fast Open on Linux, Argon2 KDF, and More

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Severe Chromium Bug Threatens Sensitive Data, System Availability

Linux 6.7 Introduces "make hardening.config" To Help Build A Hardened Kernel

News

Advisories

HOWTOs

Features

Empowering MSPs with Straightforward Linux Device Management

A Complete Guide to Torrenting Safely in 2024

Cloud Security Basics for Small Businesses

Scanning and Defending Networks with Nmap

CISA Issues Urgent Warning Over Active Exploitation of Looney Tunables glibc Bug

About Us

Powered By

What Are You Looking For?

Fedora 22: ufraw Security Update

Summary

Change Log

References

Update Instructions

Get the Latest News & Insights

Related News

News

Advisories

HOWTOs

Features

About Us

Powered By