Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 510
Alerts This Week
Warning Icon 1 510

Fedora 23 LibRaw Security Update: Memory Problems and Index Overflow

fedora
Calendar Grey December 7, 2015
Dist Fedora Esm H88
Tackling vulnerabilities in LibRaw for Fedora 23, this patch fixes significant memory problems and index out-of-bounds errors.
Patch for CVE-2015-8366, CVE-2015-8367

Summary

LibRaw is a library for reading RAW files obtained from digital photo

cameras (CRW/CR2, NEF, RAF, DNG, and others).

LibRaw is based on the source codes of the dcraw utility, where part of

drawbacks have already been eliminated and part will be fixed in future.

Update Information:

Patch for CVE-2015-8366, CVE-2015-8367

Change Log

References


[ 1 ] Bug #1287077 - CVE-2015-8367 LibRaw: Memory objects are not intialized properly [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1287077 [ 2 ] Bug #1287057 - CVE-2015-8366 LibRaw: Index overflow in smal_decode_segment [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1287057

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update LibRaw' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
important
Lowest
Low
Medium
High
Critical

Name: LibRaw
Product: Fedora 23
Version: 0.16.2
Release: 3.fc23
Summary: Library for reading RAW files obtained from digital photo cameras

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.