[Pkg-phototools-devel] Bug#874729: CVE-2017-13735: libraw: floating point exception in the kodak_radc_load_raw function in dcraw_common.cpp
Henri S.
henri at nerv.fi
Sat Sep 9 09:56:58 UTC 2017
Source: libraw
Version: 0.18.2-2
Severity: normal
Tags: security patch upstream
Forwarded: https://github.com/LibRaw/LibRaw/issues/96
There is a floating point exception in the kodak_radc_load_raw function in
dcraw_common.cpp in LibRaw 0.18.2. It will lead to a remote denial of service
attack.
https://nvd.nist.gov/vuln/detail/CVE-2017-13735
https://github.com/LibRaw/LibRaw/issues/96
https://bugzilla.redhat.com/show_bug.cgi?id=1483988
This has been fixed in upstream 0.18.3 release. Please see:
https://www.libraw.org/news/libraw-0-18-3
--
Henri Salo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-phototools-devel/attachments/20170909/b822ebff/attachment.sig>
More information about the Pkg-phototools-devel
mailing list