exploitDog

openSUSE-SU-2017:2559-1

Опубликовано: 24 сент. 2017

Источник: suse-cvrf

Описание

Security update for libraw

This update for libraw fixes the following issues:

CVE-2017-14348: A specially crafted file could have been used to trigger a heap-based buffer overflow (boo#1058467)

Список пакетов

openSUSE Leap 42.2

libraw-0.17.1-6.1

libraw-devel-0.17.1-6.1

libraw-devel-static-0.17.1-6.1

libraw-tools-0.17.1-6.1

libraw15-0.17.1-6.1

openSUSE Leap 42.3

libraw-0.17.1-6.1

libraw-devel-0.17.1-6.1

libraw-devel-static-0.17.1-6.1

libraw-tools-0.17.1-6.1

libraw15-0.17.1-6.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2017-09/msg00099.html
E-Mail link for openSUSE-SU-2017:2559-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

LibRaw before 0.18.4 has a heap-based Buffer Overflow in the processCanonCameraInfo function via a crafted file.

Затронутые продукты

openSUSE Leap 42.2:libraw-0.17.1-6.1

openSUSE Leap 42.2:libraw-devel-0.17.1-6.1

openSUSE Leap 42.2:libraw-devel-static-0.17.1-6.1

openSUSE Leap 42.2:libraw-tools-0.17.1-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-14348.html
CVE-2017-14348
https://bugzilla.suse.com/1058467
SUSE Bug 1058467
https://bugzilla.suse.com/1063798
SUSE Bug 1063798