From ${URL} : In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to cause an application crash. Upstream issue: https://github.com/LibRaw/LibRaw/issues/101 Upstream patch: https://github.com/LibRaw/LibRaw/commit/d13e8f6d1e987b7491182040a188c16a395f1d21 @maintainer(s): since the fixed package is already in the tree, please let us know if it is ready for the stabilization or not.
0.18.7 has the fix, but targeting a newer version. @arches, please stabilize.
ppc64 stable
ppc stable
ia64 stable
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1980bbc7d65aa157559932a238a11731a1fb2dd5 commit 1980bbc7d65aa157559932a238a11731a1fb2dd5 Author: Aaron Bauman <bman@gentoo.org> AuthorDate: 2018-03-29 01:59:01 +0000 Commit: Aaron Bauman <bman@gentoo.org> CommitDate: 2018-03-29 01:59:01 +0000 media-libs/libraw: amd64 stable Bug: https://bugs.gentoo.org/633826 Package-Manager: Portage-2.3.26, Repoman-2.3.7 media-libs/libraw/libraw-0.18.8.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)}
x86 stable
Stable on alpha.
arm stable
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b75deaef244478f53ac6b5210baccc4d8ac011d4 commit b75deaef244478f53ac6b5210baccc4d8ac011d4 Author: Sergei Trofimovich <slyfox@gentoo.org> AuthorDate: 2018-04-21 19:15:12 +0000 Commit: Sergei Trofimovich <slyfox@gentoo.org> CommitDate: 2018-04-21 19:15:22 +0000 media-libs/libraw: stable 0.18.8 for hppa, bug #633826 Bug: https://bugs.gentoo.org/633826 Package-Manager: Portage-2.3.28, Repoman-2.3.9 RepoMan-Options: --include-arches="hppa" media-libs/libraw/libraw-0.18.8.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)}
tree is clean
