OESA-2024-2363 dcraw security update

This package contains dcraw, a command line tool to decode raw image data downloaded from digital cameras. Security Fixes: CVE-2017-13735 CVE-2017-14608 A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remot...

OPENSUSE-SU-2024:11480-1 gimp-ufraw-0.22-9.4 on GA media

These are all security issues fixed in the gimp-ufraw-0.22-9.4 package on the GA media of openSUSE Tumbleweed...

Mageia: Security Advisory (MGASA-2014-0011)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2015-0225)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Denial Of Service (DoS)

ufraw is vulnerable to stack-based buffer overflow. It is due to a flaw in the findgreen function, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file...

CVE-2018-19655

CVE-2018-19655 is a stack-based overflow in the find_green() function of dcraw (up to version 9.28) that can be triggered by a malicious raw image and may allow remote control-flow hijack, DoS, or other impact when dcraw is used by apps such as ufraw-batch. Connected sources corroborate the flaw ...

Fedora Update for ufraw FEDORA-2015-8699

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 20 : ufraw-0.21-1.fc20 (2015-8706)

This update contains a fix for a bug which could cause dcraw write past array boundaries. Additionally, it updates ufraw to version 0.21, an upstream bugfix release. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenabl...

Fedora Update for ufraw FEDORA-2015-8706

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 21 : ufraw-0.21-1.fc21 (2015-8717)

This update contains a fix for a bug which could cause dcraw write past array boundaries. Additionally, it updates ufraw to version 0.21, an upstream bugfix release. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenabl...

Fedora 22 : ufraw-0.21-1.fc22 (2015-8699)

This update contains a fix for a bug which could cause dcraw write past array boundaries. Additionally, it updates ufraw to version 0.21, an upstream bugfix release. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenabl...

Fedora Update for ufraw FEDORA-2015-8717

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 22 Update: ufraw-0.21-1.fc22

UFRaw is a tool for opening raw format images of digital cameras...

[SECURITY] Fedora 20 Update: ufraw-0.21-1.fc20

UFRaw is a tool for opening raw format images of digital cameras...

[SECURITY] Fedora 21 Update: ufraw-0.21-1.fc21

UFRaw is a tool for opening raw format images of digital cameras...

Updated ufraw & dcraw packages fix CVE-2015-3885

Updated dcraw and ufraw packages fix security vulnerability: The dcraw tool suffers from an integer overflow condition which lead to a buffer overflow. The vulnerability concerns the 'len' variable, parsed without validation from opened images, used in the ljpegstart function. A maliciously craft...

[oCERT-2015-006] dcraw input sanitization errors

2015-006 dcraw input sanitization errors Description: The dcraw photo decoder is an open source project for raw image parsing. The dcraw tool, as well as several other projects re-using its code, suffers from an integer overflow condition which lead to a buffer overflow. The vulnerability concern...

Fedora Update for ufraw FEDORA-2013-22832

Check for the Version of ufraw OpenVAS Vulnerability Test Fedora Update for ufraw FEDORA-2013-22832 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

Fedora Update for ufraw FEDORA-2013-22832

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2013-1438

CVE-2013-1438 affects dcraw 0.8.x–0.8.9 (used by libraw, ufraw, shotwell). The underlying issue causes a denial of service when processing a crafted photo, via divide-by-zero, infinite loop, or NULL pointer dereference. Exploitation details are not provided beyond this and no official patch/versi...