You are here
Home > Preporuke > Ranjivost programske biblioteke LibRaw

Ranjivost programske biblioteke LibRaw

——————————————————————————–
Fedora Update Notification
FEDORA-2015-8432
2015-05-17 18:36:53
——————————————————————————–

Name : LibRaw
Product : Fedora 22
Version : 0.16.2
Release : 1.fc22
URL : http://www.libraw.org
Summary : Library for reading RAW files obtained from digital photo cameras
Description :
LibRaw is a library for reading RAW files obtained from digital photo
cameras (CRW/CR2, NEF, RAF, DNG, and others).

LibRaw is based on the source codes of the dcraw utility, where part of
drawbacks have already been eliminated and part will be fixed in future.

——————————————————————————–
Update Information:

Latest upstream bugfix.
Fixed dcraw vulnerability in ljpeg_start()
——————————————————————————–
ChangeLog:

* Sat May 16 2015 Jon Ciesla <limburgher@gmail.com> – 0.16.2-1
– 0.16.2, BZ 1222258.
* Thu May 14 2015 Jon Ciesla <limburgher@gmail.com> – 0.16.1-7
– Add provides for bundled dcraw, https://fedorahosted.org/fpc/ticket/530
– Fix EVR in changelog.
——————————————————————————–
References:

[ 1 ] Bug #1222258 – LibRaw-0.16.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1222258
[ 2 ] Bug #1220382 – LibRaw-0.16.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1220382
[ 3 ] Bug #1221250 – CVE-2015-3885 LibRaw: dcraw: input sanitization flaw leading to buffer overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1221250
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update LibRaw’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

——————————————————————————–
Fedora Update Notification
FEDORA-2015-8247
2015-05-15 09:47:12
——————————————————————————–

Name : LibRaw
Product : Fedora 20
Version : 0.15.4
Release : 2.fc20
URL : http://www.libraw.org
Summary : Library for reading RAW files obtained from digital photo cameras
Description :
LibRaw is a library for reading RAW files obtained from digital photo
cameras (CRW/CR2, NEF, RAF, DNG, and others).

LibRaw is based on the source codes of the dcraw utility, where part of
drawbacks have already been eliminated and part will be fixed in future.

——————————————————————————–
Update Information:

Patch for ljpeg_start() vulnerability.

——————————————————————————–
ChangeLog:

——————————————————————————–
References:

[ 1 ] Bug #1221250 – CVE-2015-3885 LibRaw: dcraw: input sanitization flaw leading to buffer overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1221250
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update LibRaw’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Top
More in Preporuke
Ranjivost programske biblioteke mingw-LibRaw

Otkrivena je ranjivost cjelobrojnog prepisivanja u funkciji ljpeg_start unutar programske biblioteke mingw-LibRaw za Fedoru. Ranjivost potencijalnim udaljenim napadačima pruža mogućnost...

Close