4 matches found
SUSE SLED12 Security Update : libraw (SUSE-SU-2017:2300-1)
This update for libraw fixes the following issues : - CVE-2015-3885: A specially crafted raw image file could have caused a Denial of Service through an integer overflow. bsc930683 - CVE-2015-8367: The function phaseonecorrect did not handle memory object initialization correctly, which may have...
MGASA-2017-0223 Updated libraw packages fix security vulnerabilities
A memory corruption in parsetiffifd function CVE-2017-6886. A memory corruption via e.g. a specially crafted KDC file parsetiffifd CVE-2017-6887. An integer overflow error within the "foveonloadcamf" function CVE-2017-6889. A boundary error within the "foveonloadcamf" function CVE-2017-6890...
CVE-2017-6890
A boundary error within the "foveonloadcamf" function dcrawfoveon.c when initializing a huffman table in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a stack-based buffer overflow...
CVE-2017-6890
CVE-2017-6890 affects LibRaw-demosaic-pack-GPL2 before 0.18.2. The issue is a boundary error in foveon_load_camf() (dcraw_foveon.c) when initializing a Huffman table, which can cause a stack-based buffer overflow. Connected sources confirm fixes in OpenSUSE/SUSE advisories (e.g., openSUSE-2017-64...