SUSE: 2019:0133-1 Moderate: libraw Buffer Overflow And More
suse
January 21, 2019
An update that fixes 7 vulnerabilities is now available
Summary
This update for libraw fixes the following issues: Security issues fixed: - CVE-2018-20337: Fixed a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp (bsc#1120519) - CVE-2018-20365: Fixed a heap-based buffer overflow in the raw2image function of libraw_cxx.cpp (bsc#1120500) - CVE-2018-20364: Fixed a NULL pointer dereference in the copy_bayer function of libraw_cxx.cpp (bsc#1120499) - CVE-2018-20363: Fixed a NULL pointer dereference in the raw2image function of libraw_cxx.cpp (bsc#1120498) - CVE-2018-5817: Fixed an infinite loop in the unpacked_load_raw function of dcraw_common.cpp (bsc#1120515) - CVE-2018-5818: Fixed an infinite loop in the parse_rollei function of dcraw_common.cpp (bsc#1120516)
Topics Covered
References
#1120498 #1120499 #1120500 #1120515 #1120516
#1120517 #1120519
Cross- CVE-2018-20337 CVE-2018-20363 CVE-2018-20364
CVE-2018-20365 CVE-2018-5817 CVE-2018-5818
CVE-2018-5819
Affected Products:
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
https://www.suse.com/security/cve/CVE-2018-20337.html
https://www.suse.com/security/cve/CVE-2018-20363.html
https://www.suse.com/security/cve/CVE-2018-20364.html
https://www.suse.com/security/cve/CVE-2018-20365.html
https://www.suse.com/security/cve/CVE-2018-5817.html
https://www.suse.com/security/cve/CVE-2018-5818.html
https://www.suse.com/security/cve/CVE-2018-5819.html
https://bugzilla.suse.com/1120498
PREVIOUS
NEXT
Announcement ID: SUSE-SU-2019:0133-1
Rating: moderate
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!