imagemagick/encoder_dng_fuzzer: Use-of-uninitialized-value in LibRaw::identify

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5922589626073088 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderdngfuzzer Fuzz target binary: encoderdngfuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...

openSUSE Security Update : libraw (openSUSE-2018-281)

This update for libraw fixes the following issues : - CVE-2018-5800: Specially crafted RAW files may have caused an application crash via a heap-based buffer overflow boo1084690 - CVE-2018-5801: Specially crafted RAW files may have been used to trigger a NULL pointer de-reference boo1084691 -...

CVE-2018-5802

An error within the "kodakradcloadraw" function internal/dcrawcommon.cpp related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash...

CVE-2018-5801

An error within the "LibRaw::unpack" function src/librawcxx.cpp in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference...

CVE-2018-5800

An off-by-one error within the "LibRaw::kodakycbcrloadraw" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash...

UBUNTU-CVE-2018-5801

An error within the "LibRaw::unpack" function src/librawcxx.cpp in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference...

UBUNTU-CVE-2018-5802

An error within the "kodakradcloadraw" function internal/dcrawcommon.cpp related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash...

UBUNTU-CVE-2018-5800

An off-by-one error within the "LibRaw::kodakycbcrloadraw" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash...

MGASA-2018-0164 Updated libraw packages bring minor security fixes

Minor security fixes have been made in libraw version 0.18.8 checking limits are not enforced. See references for more details...

Updated libraw packages bring minor security fixes

Minor security fixes have been made in libraw version 0.18.8 checking limits are not enforced. See references for more details...

FreeBSD : libraw -- multiple DoS vulnerabilities (6f0b0cbf-1274-11e8-8b5b-4ccc6adda413)

Secunia Research reports : CVE-2018-5800: An off-by-one error within the 'LibRaw::kodakycbcrloadraw' function internal/dcrawcommon.cpp can be exploited to cause a heap-based buffer overflow and subsequently cause a crash. CVE-2017-5801: An error within the 'LibRaw::unpack' function...

FreeBSD : libraw -- multiple DoS vulnerabilities (c60804f1-126f-11e8-8b5b-4ccc6adda413)

Secunia Research reports : CVE-2017-16909: An error related to the 'LibRaw::panasonicloadraw' function dcrawcommon.cpp can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image. CVE-2017-16910: An error within the...

Debian: Security Advisory (DLA-1057-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-1109-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

LibRaw 0.18.7 Denial Of Service Vulnerability

Exploit for linux platform in category dos / poc LibRaw 0.18.7 Denial Of Service Vulnerability ====================================================================== 1 Affected Software LibRaw versions prior to 0.18.7. ====================================================================== 2...

libraw -- multiple DoS vulnerabilities

Secunia Research reports: CVE-2018-5800: An off-by-one error within the "LibRaw::kodakycbcrloadraw" function internal/dcrawcommon.cpp can be exploited to cause a heap-based buffer overflow and subsequently cause a crash. CVE-2017-5801: An error within the "LibRaw::unpack" function src/librawcxx.c...

Fedora 27 : LibRaw (2017-f04296e37e)

Patch for CVE-2017-14348 ---- Fix for possible heap overrun in Canon makernotes parser Fix for CVE-2017-13735 CVE-2017-14265: Additional check for X-Trans CFA pattern data ---- LibRaw 0.18.3 Fix for CVE-2017-13735 Additional checks for X-Trans CFA pattern data ---- Patch for CVE-2017-13735. Note...

Fedora 27 : LibRaw (2017-0348398d64)

Fix for possible buffer overrun in kodak65000 decoder Fix for possible heap overrun in Canon makernotes parser Fix for CVE-2017-13735 CVE-2017-14265: Additional check for X-Trans CFA pattern data Note that Tenable Network Security has extracted the preceding description block directly from the...

Fedora 27 : mingw-LibRaw (2017-d3cd18fb03)

Update to version 0.18.5, see https://www.libraw.org/news/libraw-0-18-5 for details. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...

Fedora 27 : mingw-LibRaw (2017-65f6ccf760)

Update to version 0.18.4, see https://github.com/LibRaw/LibRaw/blob/0.18-stable/Changelog.txt for details. ---- Update to version 0.18.3, see https://www.libraw.org/news/libraw-0-18-3 for details. Note that Tenable Network Security has extracted the preceding description block directly from the...