Updated libraw packages fix CVE-2015-3885

Updated libraw packages fix security vulnerability: The dcraw tool suffers from an integer overflow condition which lead to a buffer overflow. The vulnerability concerns the 'len' variable, parsed without validation from opened images, used in the ljpegstart function. A maliciously crafted raw...

Fedora 22 : LibRaw-0.16.1-6.fc22 (2015-7993)

Fixed dcraw vulnerability in ljpegstart Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...

[SECURITY] Fedora 22 Update: LibRaw-0.16.1-6.fc22

LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. LibRaw is based on the source codes of the dcraw utility, where part of drawbacks have already been eliminated and part will be fixed in future...

dcraw / libraw integer overflow

Integer overflow in ljpegstart...

[oCERT-2015-006] dcraw input sanitization errors

2015-006 dcraw input sanitization errors Description: The dcraw photo decoder is an open source project for raw image parsing. The dcraw tool, as well as several other projects re-using its code, suffers from an integer overflow condition which lead to a buffer overflow. The vulnerability concern...

Vulnerabilities of the Gentoo Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the libraw package up to version 0.15.4 of the Gentoo Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

[SECURITY] Fedora 20 Update: libkdcraw-4.14.1-1.fc20

Libkdcraw is a C++ interface around LibRaw library used to decode RAW picture files. More information about LibRaw can be found at http://www.libraw.org...

openSUSE Security Update : libraw (openSUSE-SU-2013:1085-1)

This update of libraw fixes a security issue. - security update : - CVE-2013-2126.patch bnc822665 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2013-537. The text description of thi...

Updated darktable package fixes two vulnerabilities

Updated darktable package fixes security vulnerabilities: Darktable before version 1.2.3 contains an embedded copy of LibRaw that incorrectly handled photo files. If a user was tricked into processing a specially crafted photo file, darktable could be made to crash, resulting in a denial of servi...

MGASA-2014-0050 Updated darktable package fixes two vulnerabilities

Updated darktable package fixes security vulnerabilities: Darktable before version 1.2.3 contains an embedded copy of LibRaw that incorrectly handled photo files. If a user was tricked into processing a specially crafted photo file, darktable could be made to crash, resulting in a denial of servi...

Null pointer dereference

Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in libraw, ufraw, shotwell, and other products, allows context-dependent attackers to cause a denial of service via a crafted photo file that triggers a 1 divide-by-zero, 2 infinite loop, or 3 NULL pointer dereference...

CVE-2013-1438

CVE-2013-1438 affects dcraw 0.8.x–0.8.9 (used by libraw, ufraw, shotwell). The underlying issue causes a denial of service when processing a crafted photo, via divide-by-zero, infinite loop, or NULL pointer dereference. Exploitation details are not provided beyond this and no official patch/versi...

MGASA-2014-0011 Updated dcraw and ufraw package fix security vulnerability

Due to flaws in the embedded copy of LibRaw in dcraw and ufraw, corrupt input files might trigger a division by zero, an infinite loop, or a null pointer dereference CVE-2013-1438. The dcraw and ufraw packages have been updated to their newest versions and patched to fix the flaws in the embedded...

Updated dcraw and ufraw package fix security vulnerability

Due to flaws in the embedded copy of LibRaw in dcraw and ufraw, corrupt input files might trigger a division by zero, an infinite loop, or a null pointer dereference CVE-2013-1438. The dcraw and ufraw packages have been updated to their newest versions and patched to fix the flaws in the embedded...

MGASA-2013-0385 Updated libkdcraw packages fix CVE-2013-1438 & CVE-2013-1439

Updated libkdcraw packages fix libraw security vulnerabilities: It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, applications linked against LibRaw could be made to crash, resulting in a denia...

Mandriva Linux Security Advisory : libraw (MDVSA-2013:249)

Updated libraw packages fix security vulnerabilities : It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, applications linked against LibRaw could be made to crash, resulting in a denial of...

MGASA-2013-0301 Updated libraw packages fix security vulnerabilities

Updated libraw packages fix security vulnerabilities: It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, applications linked against LibRaw could be made to crash, resulting in a denial of servi...

Updated libraw packages fix security vulnerabilities

Updated libraw packages fix security vulnerabilities: It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, applications linked against LibRaw could be made to crash, resulting in a denial of servi...

libraw / libKDCraw DoS

Crash on raw images parsing...

Ubuntu Update for libraw USN-1964-1

Check for the Version of libraw OpenVAS Vulnerability Test $Id: gbubuntuUSN19641.nasl 8466 2018-01-19 06:58:30Z teissa $ Ubuntu Update for libraw USN-1964-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software;...