Fedora 27 : mingw-LibRaw (2018-ccb2cc96be)

Update to LibRaw-0.18.10, see https://www.libraw.org/news/libraw-0-18-10 for details. ---- Update to LibRaw-0.18.9, see https://www.libraw.org/news/libraw-0-18-9 for details. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system...

Fedora Update for mingw-LibRaw FEDORA-2018-d3b44e5574

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for mingw-LibRaw FEDORA-2018-ccb2cc96be

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 27 Update: mingw-LibRaw-0.18.10-1.fc27

MinGW Windows LibRaw library...

[SECURITY] Fedora 28 Update: mingw-LibRaw-0.18.10-1.fc28

MinGW Windows LibRaw library...

Updated libraw packages fix security vulnerabilities

Several security fixes have been done in libraw version 0.18.9, then 0.18.10 and finally 0.18.11...

MGASA-2018-0242 Updated libraw packages fix security vulnerabilities

Several security fixes have been done in libraw version 0.18.9, then 0.18.10 and finally 0.18.11...

Fedora 27 : LibRaw (2018-08ea7a5f0b)

https://www.libraw.org/news/libraw-0-18-11 ---- CVE-2018-10529 fixed: out of bounds read in X3F parser CVE-2018-10528 fixed: possible stack overrun in X3F parser Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenabl...

Fedora Update for LibRaw FEDORA-2018-08ea7a5f0b

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for LibRaw FEDORA-2018-8c4e0b4335

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 27 Update: LibRaw-0.18.11-1.fc27

LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. LibRaw is based on the source codes of the dcraw utility, where part of drawbacks have already been eliminated and part will be fixed in future...

imagemagick/encoder_dng_fuzzer: Stack-buffer-overflow in LibRaw::kodak_radc_load_raw

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5751921557110784 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderdngfuzzer Fuzz target binary: encoderdngfuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type:...

[SECURITY] Fedora 28 Update: LibRaw-0.18.11-1.fc28

LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. LibRaw is based on the source codes of the dcraw utility, where part of drawbacks have already been eliminated and part will be fixed in future...

imagemagick/ping_jng_fuzzer: Use-of-uninitialized-value in LibRaw::canon_has_lowbits

Detailed report: https://oss-fuzz.com/testcase?key=4909191931101184 Project: imagemagick Fuzzer: libFuzzerimagemagickpingjngfuzzer Fuzz target binary: pingjngfuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State:...

Ubuntu 16.04 LTS / 18.04 LTS : LibRaw vulnerabilities (USN-3639-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3639-1 advisory. It was discovered that LibRaw incorrectly handled certain files. An attacker could possibly use this to execute arbitrary code. CVE-2018-1052...

[ASA-201805-2] libraw: multiple issues

Arch Linux Security Advisory ASA-201805-2 ========================================= Severity: Critical Date : 2018-05-09 CVE-ID : CVE-2018-10528 CVE-2018-10529 Package : libraw Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-681 Summary ======= The package libraw...

USN-3639-1: LibRaw vulnerabilities

It was discovered that LibRaw incorrectly handled certain files. An attacker could possibly use this to execute arbitrary code. CVE-2018-10528 It was discovered that LibRaw incorrectly handled certain files. An attacker could possibly use this to obtain sensitive information. CVE-2018-10529...

USN-3639-1 libraw vulnerabilities

It was discovered that LibRaw incorrectly handled certain files. An attacker could possibly use this to execute arbitrary code. CVE-2018-10528 It was discovered that LibRaw incorrectly handled certain files. An attacker could possibly use this to obtain sensitive information. CVE-2018-10529...

CVE-2018-10528

An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer overflow in the utf2char function in librawcxx.cpp...

CVE-2018-10529

An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds read affecting the X3F property table list implementation in librawx3f.cpp and librawcxx.cpp...