Information on source package libraw

Available versions

ReleaseVersion
wheezy0.14.6-2+deb7u1
wheezy (security)0.14.6-2+deb7u3
jessie0.16.0-9+deb8u2
jessie (security)0.16.0-9+deb8u3
stretch (security)0.17.2-6+deb9u1
buster0.18.5-1
sid0.18.5-1

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2017-14608fixedvulnerablevulnerablefixedfixedIn LibRaw through 0.18.4, an out of bounds read flaw related to ...
CVE-2017-14348fixedvulnerablevulnerablefixedfixedLibRaw before 0.18.4 has a heap-based Buffer Overflow in the ...
CVE-2017-14265fixedvulnerablevulnerablefixedfixedA Stack-based Buffer Overflow was discovered in xtrans_interpolate in ...
CVE-2017-13735vulnerable (no DSA)vulnerablevulnerablefixedfixedThere is a floating point exception in the kodak_radc_load_raw function ...
CVE-2013-2126vulnerable (no DSA)fixedfixedfixedfixedMultiple double free vulnerabilities in the LibRaw::unpack function in ...
CVE-2013-1439vulnerable (no DSA)fixedfixedfixedfixedThe "faster LJPEG decoder" in libraw 0.13.x, 0.14.x, and 0.15.x before ...
CVE-2013-1438vulnerable (no DSA)fixedfixedfixedfixedUnspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in ...

Resolved issues

BugDescription
CVE-2017-6887A boundary error within the "parse_tiff_ifd()" function ...
CVE-2017-6886An error within the "parse_tiff_ifd()" function ...
CVE-2015-8367Memory objects are not intialized properly
CVE-2015-8366Index overflow in smal_decode_segment
CVE-2015-3885Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier ...
CVE-2013-2127Buffer overflow in the exposure correction code in LibRaw before ...

Security announcements

DSA / DLADescription
DLA-1109-1libraw - security update
DSA-3950-1libraw - security update
DSA-3950-1libraw - security update
DLA-1057-1libraw - security update
DLA-243-1libraw - security update

Search for package or bug name: Reporting problems