https://nvd.nist.gov/vuln/detail/CVE-2018-19655 A stack-based buffer overflow in the find_green() function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file. The same revbump also fixes CVE-2015-8366 (similar code as in libraw): https://bugzilla.suse.com/show_bug.cgi?id=1006704&_ga=2.222701341.764034572.1568590622-1578955419.1534973316
Arches, please stabilise.
x86 stable
amd64 stable
ppc stable
ppc64 stable
sparc stable
ia64 stable
alpha keywords dropped to unstable
arm stable
GLSA vote: no