openSUSE-SU-2017:2848-1

Опубликовано: 25 окт. 2017

Источник: suse-cvrf

Описание

Security update for libraw

This update for libraw fixes the following issues:

Changes in libraw:

CVE-2017-14608: An out of bounds read in the kodak_65000_load_raw function could lead to an information leak. [boo#1063798]

Список пакетов

openSUSE Leap 42.2

libraw-0.17.1-14.1

libraw-devel-0.17.1-14.1

libraw-devel-static-0.17.1-14.1

libraw-tools-0.17.1-14.1

libraw15-0.17.1-14.1

openSUSE Leap 42.3

libraw-0.17.1-14.1

libraw-devel-0.17.1-14.1

libraw-devel-static-0.17.1-14.1

libraw-tools-0.17.1-14.1

libraw15-0.17.1-14.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2017-10/msg00089.html
E-Mail link for openSUSE-SU-2017:2848-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash.

Затронутые продукты

openSUSE Leap 42.2:libraw-0.17.1-14.1

openSUSE Leap 42.2:libraw-devel-0.17.1-14.1

openSUSE Leap 42.2:libraw-devel-static-0.17.1-14.1

openSUSE Leap 42.2:libraw-tools-0.17.1-14.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-14608.html
CVE-2017-14608
https://bugzilla.suse.com/1063798
SUSE Bug 1063798

openSUSE-SU-2017:2848-1

Описание

Список пакетов

openSUSE Leap 42.2

openSUSE Leap 42.3

Ссылки

Уязвимость: CVE-2017-14608

Описание

Затронутые продукты

Ссылки