CVE-2017-14348 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14348): LibRaw before 0.18.4 has a heap-based Buffer Overflow in the processCanonCameraInfo function via a crafted file. References: https://github.com/LibRaw/LibRaw/issues/100 @Maintainer(s): After the version bump please let us know if it is ready for stabilization.
Fixed in 0.18.4 now in the tree, feel free to start stabilization.
@Maintainer please confirm if SLOT 0/15 is vulnerable. @Arches please test and mark stable. @Security please add CVE to database. Gentoo Security Padawan ChrisADR
ia64 stable
Stable on alpha.
hppa stable
arm stable
ppc stable
amd64 stable
x86 stable
Re-adding ppc64: Ebuild isn't marked stable for ppc64.
Must have mixed ppc/ppc64. Thanks for catching that! ppc64 stable
sparc stable (thanks to Rolf Eike Beer)
Stabilization has been completed, thank you arches. @Maintainer(s): Please remove the vulnerable versions from the tree.
Old versions removed.
GLSA Vote: No