Information on source package libraw

Available versions

ReleaseVersion
jessie (security)0.16.0-9+deb8u3
stretch (security)0.17.2-6+deb9u1
buster0.19.2-2
sid0.19.2-2

Open issues

BugjessiestretchbustersidDescription
CVE-2018-5819vulnerable (no DSA, ignored)vulnerable (no DSA)fixedfixedAn error within the "parse_sinar_ia()" function (internal/dcraw_common ...
CVE-2018-5818vulnerable (no DSA, ignored)vulnerable (no DSA)fixedfixedAn error within the "parse_rollei()" function (internal/dcraw_common.c ...
CVE-2018-5817vulnerable (no DSA, ignored)vulnerable (no DSA)fixedfixedA type confusion error within the "unpacked_load_raw()" function withi ...
CVE-2018-5815vulnerable (no DSA)vulnerable (no DSA)fixedfixedAn integer overflow error within the "parse_qt()" function (internal/d ...
CVE-2018-5813vulnerable (no DSA)vulnerable (no DSA)fixedfixedAn error within the "parse_minolta()" function (dcraw/dcraw.c) in LibR ...
CVE-2018-5812vulnerable (no DSA)vulnerable (no DSA)fixedfixedAn error within the "nikon_coolscan_load_raw()" function (internal/dcr ...
CVE-2018-5811vulnerable (no DSA)vulnerable (no DSA)fixedfixedAn error within the "nikon_coolscan_load_raw()" function (internal/dcr ...
CVE-2018-5810vulnerable (no DSA)vulnerable (no DSA)fixedfixedAn error within the "rollei_load_raw()" function (internal/dcraw_commo ...
CVE-2018-5809vulnerable (no DSA, ignored)vulnerable (no DSA)fixedfixedAn error within the "LibRaw::parse_exif()" function (internal/dcraw_co ...
CVE-2018-5808vulnerable (no DSA, ignored)vulnerable (no DSA)fixedfixedAn error within the "find_green()" function (internal/dcraw_common.cpp ...
CVE-2018-5807vulnerable (no DSA)vulnerable (no DSA)fixedfixedAn error within the "samsung_load_raw()" function (internal/dcraw_comm ...
CVE-2018-5806vulnerable (no DSA)vulnerable (no DSA)fixedfixedAn error within the "leaf_hdr_load_raw()" function (internal/dcraw_com ...
CVE-2018-5805vulnerable (no DSA)vulnerable (no DSA)fixedfixedA boundary error within the "quicktake_100_load_raw()" function (inter ...
CVE-2018-5804vulnerable (no DSA)vulnerable (no DSA)fixedfixedA type confusion error within the "identify()" function (internal/dcra ...
CVE-2018-5802vulnerable (no DSA)vulnerable (no DSA)fixedfixedAn error within the "kodak_radc_load_raw()" function (internal/dcraw_c ...
CVE-2018-5801vulnerable (no DSA)vulnerable (no DSA)fixedfixedAn error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) i ...
CVE-2018-5800vulnerable (no DSA)vulnerable (no DSA)fixedfixedAn off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" functi ...
CVE-2018-20365fixedvulnerable (no DSA)fixedfixedLibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow ...
CVE-2018-20364fixedvulnerable (no DSA)fixedfixedLibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL point ...
CVE-2018-20363fixedvulnerable (no DSA)fixedfixedLibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointe ...
CVE-2018-20337fixedvulnerable (no DSA)fixedfixedThere is a stack-based buffer overflow in the parse_makernote function ...
CVE-2018-10529vulnerable (no DSA)vulnerable (no DSA)fixedfixedAn issue was discovered in LibRaw 0.18.9. There is an out-of-bounds re ...
CVE-2018-10528vulnerable (no DSA)vulnerable (no DSA)fixedfixedAn issue was discovered in LibRaw 0.18.9. There is a stack-based buffe ...
CVE-2017-16910vulnerable (no DSA)vulnerable (no DSA)fixedfixedAn error within the "LibRaw::xtrans_interpolate()" function (internal/ ...
CVE-2017-16909vulnerable (no DSA)vulnerable (no DSA)fixedfixedAn error related to the "LibRaw::panasonic_load_raw()" function (dcraw ...
CVE-2017-14608vulnerable (no DSA)vulnerable (no DSA)fixedfixedIn LibRaw through 0.18.4, an out of bounds read flaw related to kodak_ ...
CVE-2017-14348fixedvulnerable (no DSA)fixedfixedLibRaw before 0.18.4 has a heap-based Buffer Overflow in the processCa ...
CVE-2017-14265vulnerable (no DSA)vulnerable (no DSA)fixedfixedA Stack-based Buffer Overflow was discovered in xtrans_interpolate in ...
CVE-2017-13735vulnerable (no DSA)vulnerable (no DSA)fixedfixedThere is a floating point exception in the kodak_radc_load_raw functio ...

Resolved issues

BugDescription
CVE-2018-5816An integer overflow error within the "identify()" function (internal/d ...
CVE-2017-6887A boundary error within the "parse_tiff_ifd()" function (internal/dcra ...
CVE-2017-6886An error within the "parse_tiff_ifd()" function (internal/dcraw_common ...
CVE-2015-8367Memory objects are not intialized properly
CVE-2015-8366Index overflow in smal_decode_segment
CVE-2015-3885Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier ...
CVE-2013-2127Buffer overflow in the exposure correction code in LibRaw before 0.15. ...
CVE-2013-2126Multiple double free vulnerabilities in the LibRaw::unpack function in ...
CVE-2013-1439The "faster LJPEG decoder" in libraw 0.13.x, 0.14.x, and 0.15.x before ...
CVE-2013-1438Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in lib ...

Security announcements

DSA / DLADescription
DLA-1109-1libraw - security update
DSA-3950-1libraw - security update
DSA-3950-1libraw - security update
DLA-1057-1libraw - security update
DLA-243-1libraw - security update

Search for package or bug name: Reporting problems