What Are You Looking For?

Sign Up
--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2018-8c4e0b4335
2018-05-13 19:59:19.583151
--------------------------------------------------------------------------------Name        : LibRaw
Product     : Fedora 28
Version     : 0.18.11
Release     : 1.fc28
URL         : https://www.libraw.org
Summary     : Library for reading RAW files obtained from digital photo cameras
Description :
LibRaw is a library for reading RAW files obtained from digital photo
cameras (CRW/CR2, NEF, RAF, DNG, and others).

LibRaw is based on the source codes of the dcraw utility, where part of
drawbacks have already been eliminated and part will be fixed in future.

--------------------------------------------------------------------------------Update Information:

  ----       CVE-2018-10529 fixed: out
of bounds read in X3F parser     CVE-2018-10528 fixed: possible stack overrun in
X3F parser
--------------------------------------------------------------------------------ChangeLog:

* Thu May 10 2018 Gwyn Ciesla  - 0.18.11-1
- 0.18.11.
* Thu May  3 2018 Gwyn Ciesla  - 0.18.10-1
- 0.18.10.
* Wed Apr 25 2018 Gwyn Ciesla  - 0.18.9-1
- 0.18.9.
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #1576801 - LibRaw-0.18.11 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1576801
  [ 2 ] Bug #1574326 - CVE-2018-10529 LibRaw: Out-of-bounds read in X3F property table list functionality in libraw_x3f.cpp and libraw_cxx.cpp [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1574326
  [ 3 ] Bug #1574322 - CVE-2018-10528 LibRaw: Stack-based buffer overflow in libraw_cxx.cpp:utf2char() allows for potential code execution [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1574322
  [ 4 ] Bug #1574486 - LibRaw-0.18.10 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1574486
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-8c4e0b4335' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora 28: LibRaw Security Update 2018-8c4e0b4335

May 13, 2018
---- CVE-2018-10529 fixed: out of bounds read in X3F parser CVE-2018-10528 fixed: possible stack overrun in X3F parser

Summary

LibRaw is a library for reading RAW files obtained from digital photo

cameras (CRW/CR2, NEF, RAF, DNG, and others).

LibRaw is based on the source codes of the dcraw utility, where part of

drawbacks have already been eliminated and part will be fixed in future.

---- CVE-2018-10529 fixed: out

of bounds read in X3F parser CVE-2018-10528 fixed: possible stack overrun in

X3F parser

* Thu May 10 2018 Gwyn Ciesla - 0.18.11-1

- 0.18.11.

* Thu May 3 2018 Gwyn Ciesla - 0.18.10-1

- 0.18.10.

* Wed Apr 25 2018 Gwyn Ciesla - 0.18.9-1

- 0.18.9.

[ 1 ] Bug #1576801 - LibRaw-0.18.11 is available

https://bugzilla.redhat.com/show_bug.cgi?id=1576801

[ 2 ] Bug #1574326 - CVE-2018-10529 LibRaw: Out-of-bounds read in X3F property table list functionality in libraw_x3f.cpp and libraw_cxx.cpp [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1574326

[ 3 ] Bug #1574322 - CVE-2018-10528 LibRaw: Stack-based buffer overflow in libraw_cxx.cpp:utf2char() allows for potential code execution [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1574322

[ 4 ] Bug #1574486 - LibRaw-0.18.10 is available

https://bugzilla.redhat.com/show_bug.cgi?id=1574486

su -c 'dnf upgrade --advisory FEDORA-2018-8c4e0b4335' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/keys

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

FEDORA-2018-8c4e0b4335 2018-05-13 19:59:19.583151 Product : Fedora 28 Version : 0.18.11 Release : 1.fc28 URL : https://www.libraw.org Summary : Library for reading RAW files obtained from digital photo cameras Description : LibRaw is a library for reading RAW files obtained from digital photo cameras (CRW/CR2, NEF, RAF, DNG, and others). LibRaw is based on the source codes of the dcraw utility, where part of drawbacks have already been eliminated and part will be fixed in future. ---- CVE-2018-10529 fixed: out of bounds read in X3F parser CVE-2018-10528 fixed: possible stack overrun in X3F parser * Thu May 10 2018 Gwyn Ciesla - 0.18.11-1 - 0.18.11. * Thu May 3 2018 Gwyn Ciesla - 0.18.10-1 - 0.18.10. * Wed Apr 25 2018 Gwyn Ciesla - 0.18.9-1 - 0.18.9. [ 1 ] Bug #1576801 - LibRaw-0.18.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1576801 [ 2 ] Bug #1574326 - CVE-2018-10529 LibRaw: Out-of-bounds read in X3F property table list functionality in libraw_x3f.cpp and libraw_cxx.cpp [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1574326 [ 3 ] Bug #1574322 - CVE-2018-10528 LibRaw: Stack-based buffer overflow in libraw_cxx.cpp:utf2char() allows for potential code execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1574322 [ 4 ] Bug #1574486 - LibRaw-0.18.10 is available https://bugzilla.redhat.com/show_bug.cgi?id=1574486 su -c 'dnf upgrade --advisory FEDORA-2018-8c4e0b4335' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Change Log

References

Update Instructions

Severity
Product : Fedora 28
Version : 0.18.11
Release : 1.fc28
URL : https://www.libraw.org
Summary : Library for reading RAW files obtained from digital photo cameras

Related News

X.Org DoS, Code Execution Vulns Fixed

Aug 3, 2023

Linux Kernel DoS, Code Execution, Info Disclosure Vulns Fixed

Jul 6, 2023

News

Advisories

HOWTOs

Features

Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024
Cloud Security Basics for Small Businesses

About Us

Powered By

Footer Logo