ALT-PU-2023-5533-1
Package libraw updated to version 0.21.1-alt1 for branch sisyphus_riscv64.
Closed vulnerabilities
BDU:2022-06765
Уязвимость функции new_node() (libraw\src\x3f\x3f_utils_patched.cpp) библиотеки для обработки изображений LibRaw, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2023-01107
Уязвимость функции LibRaw::adobe_copy_pixel() библиотеки для обработки изображений LibRaw, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2020-35530
In LibRaw, there is an out-of-bounds write vulnerability within the "new_node()" function (libraw\src\x3f\x3f_utils_patched.cpp) that can be triggered via a crafted X3F file.
- https://github.com/LibRaw/LibRaw/commit/11c4db253ef2c9bb44247b578f5caa57c66a1eeb
- https://github.com/LibRaw/LibRaw/commit/11c4db253ef2c9bb44247b578f5caa57c66a1eeb
- https://github.com/LibRaw/LibRaw/issues/272
- https://github.com/LibRaw/LibRaw/issues/272
- [debian-lts-announce] 20220916 [SECURITY] [DLA 3113-1] libraw security update
- [debian-lts-announce] 20220916 [SECURITY] [DLA 3113-1] libraw security update
Modified: 2024-11-21
CVE-2020-35531
In LibRaw, an out-of-bounds read vulnerability exists within the get_huffman_diff() function (libraw\src\x3f\x3f_utils_patched.cpp) when reading data from an image file.
- https://github.com/LibRaw/LibRaw/commit/d75af00681a74dcc8b929207eb895611a6eceb68
- https://github.com/LibRaw/LibRaw/commit/d75af00681a74dcc8b929207eb895611a6eceb68
- https://github.com/LibRaw/LibRaw/issues/270
- https://github.com/LibRaw/LibRaw/issues/270
- [debian-lts-announce] 20220916 [SECURITY] [DLA 3113-1] libraw security update
- [debian-lts-announce] 20220916 [SECURITY] [DLA 3113-1] libraw security update
Modified: 2024-11-21
CVE-2020-35532
In LibRaw, an out-of-bounds read vulnerability exists within the "simple_decode_row()" function (libraw\src\x3f\x3f_utils_patched.cpp) which can be triggered via an image with a large row_stride field.
- https://github.com/LibRaw/LibRaw/commit/5ab45b085898e379fedc6b113e2e82a890602b1e
- https://github.com/LibRaw/LibRaw/commit/5ab45b085898e379fedc6b113e2e82a890602b1e
- https://github.com/LibRaw/LibRaw/issues/271
- https://github.com/LibRaw/LibRaw/issues/271
- [debian-lts-announce] 20220916 [SECURITY] [DLA 3113-1] libraw security update
- [debian-lts-announce] 20220916 [SECURITY] [DLA 3113-1] libraw security update
Modified: 2024-11-21
CVE-2020-35533
In LibRaw, an out-of-bounds read vulnerability exists within the "LibRaw::adobe_copy_pixel()" function (libraw\src\decoders\dng.cpp) when reading data from the image file.
- https://github.com/LibRaw/LibRaw/commit/a6937d4046a7c4742b683a04c8564605fd9be4fb
- https://github.com/LibRaw/LibRaw/commit/a6937d4046a7c4742b683a04c8564605fd9be4fb
- https://github.com/LibRaw/LibRaw/issues/273
- https://github.com/LibRaw/LibRaw/issues/273
- [debian-lts-announce] 20220916 [SECURITY] [DLA 3113-1] libraw security update
- [debian-lts-announce] 20220916 [SECURITY] [DLA 3113-1] libraw security update
Modified: 2024-11-21
CVE-2020-35534
In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function (libraw\src\decoders\crx.cpp) when processing cr3 files.
Modified: 2024-11-21
CVE-2020-35535
In LibRaw, there is an out-of-bounds read vulnerability within the "LibRaw::parseSonySRF()" function (libraw\src\metadata\sony.cpp) when processing srf files.