Lucene search

Gentoo FoundationMGASA-2013-0223

HistoryJul 21, 2013 - 1:04 p.m.

Updated darktable package fixes security vulnerability

2013-07-2113:04:47

Gentoo Foundation

advisories.mageia.org

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

74.6%

JSON

A double-free error exits when handling damaged full-color within Foveon and sRAW files in libraw, which is embedded in darktable (CVE-2013-2126).

OSVersionArchitecturePackageVersionFilename
Mageia3noarchdarktable< 1.2-1.1darktable-1.2-1.1.mga3

OS	Version	Architecture	Package	Version	Filename
Mageia	3	noarch	darktable	< 1.2-1.1	darktable-1.2-1.1.mga3

References

lists.opensuse.org/opensuse-updates/2013-06/msg00193.html

secunia.com/advisories/53547/

www.libraw.org/news/libraw-0-15-2

bugs.mageia.org/show_bug.cgi?id=10427

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

74.6%

JSON

Related for MGASA-2013-0223