Information on source package libraw

Available versions

ReleaseVersion
buster0.19.2-2
bullseye0.20.2-1
bookworm0.20.2-2
sid0.20.2-2

Open issues

BugbusterbullseyebookwormsidDescription
CVE-2020-24889vulnerable (no DSA)fixedfixedfixedA buffer overflow vulnerability in LibRaw version < 20.0 LibRaw::Ge ...
CVE-2020-15503vulnerable (no DSA)fixedfixedfixedLibRaw before 0.20-RC1 lacks a thumbnail size range check. This affect ...

Open unimportant issues

BugbusterbullseyebookwormsidDescription
CVE-2020-24890vulnerablevulnerablevulnerablevulnerable** DISPUTED ** libraw 20.0 has a null pointer dereference vulnerabilit ...

Resolved issues

BugDescription
CVE-2020-24870Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_ ...
CVE-2020-15365LibRaw before 0.20-Beta3 has an out-of-bounds write in parse_exif() in ...
CVE-2018-20365LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow ...
CVE-2018-20364LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL point ...
CVE-2018-20363LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointe ...
CVE-2018-20337There is a stack-based buffer overflow in the parse_makernote function ...
CVE-2018-10529An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds re ...
CVE-2018-10528An issue was discovered in LibRaw 0.18.9. There is a stack-based buffe ...
CVE-2018-5819An error within the "parse_sinar_ia()" function (internal/dcraw_common ...
CVE-2018-5818An error within the "parse_rollei()" function (internal/dcraw_common.c ...
CVE-2018-5817A type confusion error within the "unpacked_load_raw()" function withi ...
CVE-2018-5816An integer overflow error within the "identify()" function (internal/d ...
CVE-2018-5815An integer overflow error within the "parse_qt()" function (internal/d ...
CVE-2018-5813An error within the "parse_minolta()" function (dcraw/dcraw.c) in LibR ...
CVE-2018-5812An error within the "nikon_coolscan_load_raw()" function (internal/dcr ...
CVE-2018-5811An error within the "nikon_coolscan_load_raw()" function (internal/dcr ...
CVE-2018-5810An error within the "rollei_load_raw()" function (internal/dcraw_commo ...
CVE-2018-5809An error within the "LibRaw::parse_exif()" function (internal/dcraw_co ...
CVE-2018-5808An error within the "find_green()" function (internal/dcraw_common.cpp ...
CVE-2018-5807An error within the "samsung_load_raw()" function (internal/dcraw_comm ...
CVE-2018-5806An error within the "leaf_hdr_load_raw()" function (internal/dcraw_com ...
CVE-2018-5805A boundary error within the "quicktake_100_load_raw()" function (inter ...
CVE-2018-5804A type confusion error within the "identify()" function (internal/dcra ...
CVE-2018-5802An error within the "kodak_radc_load_raw()" function (internal/dcraw_c ...
CVE-2018-5801An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) i ...
CVE-2018-5800An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" functi ...
CVE-2017-16910An error within the "LibRaw::xtrans_interpolate()" function (internal/ ...
CVE-2017-16909An error related to the "LibRaw::panasonic_load_raw()" function (dcraw ...
CVE-2017-14608In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_ ...
CVE-2017-14348LibRaw before 0.18.4 has a heap-based Buffer Overflow in the processCa ...
CVE-2017-14265A Stack-based Buffer Overflow was discovered in xtrans_interpolate in ...
CVE-2017-13735There is a floating point exception in the kodak_radc_load_raw functio ...
CVE-2017-6887A boundary error within the "parse_tiff_ifd()" function (internal/dcra ...
CVE-2017-6886An error within the "parse_tiff_ifd()" function (internal/dcraw_common ...
CVE-2015-8367The phase_one_correct function in Libraw before 0.17.1 allows attacker ...
CVE-2015-8366Array index error in smal_decode_segment function in LibRaw before 0.1 ...
CVE-2015-3885Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier ...
CVE-2013-2127Buffer overflow in the exposure correction code in LibRaw before 0.15. ...
CVE-2013-2126Multiple double free vulnerabilities in the LibRaw::unpack function in ...
CVE-2013-1439The "faster LJPEG decoder" in libraw 0.13.x, 0.14.x, and 0.15.x before ...
CVE-2013-1438Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in lib ...

Security announcements

DSA / DLADescription
DLA-2903-1libraw - security update
DLA-1734-1libraw - security update
DLA-1109-1libraw - security update
DSA-3950-1libraw - security update
DLA-1057-1libraw - security update
DLA-243-1libraw - security update

Search for package or bug name: Reporting problems