| Revision Date: | 2017-08-30 | Version: | 1 |
| Title: | Security update for libraw (Moderate) |
| Description: |
This update for libraw fixes the following issues:
- CVE-2015-3885: A specially crafted raw image file could have caused a Denial of Service through an integer overflow. (bsc#930683)
- CVE-2015-8367: The function phase_one_correct() did not handle memory object initialization correctly, which may have caused some other problems. (bsc#957517)
- CVE-2017-6886: memory corruption in parse_tiff_ifd() func (internal/dcraw_common.cpp) could lead to Denial of service (bsc#1039380)
- CVE-2017-6889: integer overflow error within the 'foveon_load_camf()' function (dcraw_foveon.c) could lead to Denial of service (bsc#1039210)
- CVE-2017-6890: boundary error within the 'foveon_load_camf()' function (dcraw_foveon.c) (bsc#1039209)
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1039209
1039210
1039379
1039380
930683
957517
CVE-2015-3885
CVE-2015-8367
CVE-2017-6886
CVE-2017-6887
CVE-2017-6889
CVE-2017-6890
CVE-2017-6899
SUSE-SU-2017:2300-1
|
| Platform(s): | SUSE Linux Enterprise Desktop 12 SP2
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP2 is installed AND libraw9-0.15.4-9.2 is installed
|