SUSE-SU-2018:3343-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:3343-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2018:3343-1
- Related
- Published
- 2018-10-23T14:43:27Z
- Modified
- 2018-10-23T14:43:27Z
- Summary
- Security update for libraw
- Details
-
This update for libraw fixes the following issues:
Security issues fixed:
- CVE-2018-5800: Fixed heap-based buffer overflow in LibRaw::kodakycbcrload_raw function (bsc#1084691).
- CVE-2018-5801: Fixed NULL pointer dereference in LibRaw::unpack function (bsc#1084690).
- CVE-2018-5802: Fixed out-of-bounds read in kodakradcload_raw function (bsc#1084688).
- CVE-2018-5813: Fixed infinite loop in the parse_minolta function (bsc#1103200)
- CVE-2018-5810: Fixed a heap-based buffer overflow in rolleiloadraw (bsc#1103353)
- References
-
- https://www.suse.com/support/update/announcement/2018/suse-su-20183343-1/
- https://bugzilla.suse.com/1084688
- https://bugzilla.suse.com/1084690
- https://bugzilla.suse.com/1084691
- https://bugzilla.suse.com/1103200
- https://bugzilla.suse.com/1103353
- https://www.suse.com/security/cve/CVE-2018-5800
- https://www.suse.com/security/cve/CVE-2018-5801
- https://www.suse.com/security/cve/CVE-2018-5802
- https://www.suse.com/security/cve/CVE-2018-5810
- https://www.suse.com/security/cve/CVE-2018-5813
Affected packages
SUSE:Linux Enterprise Desktop 12 SP3 / libraw
Package
- Name
- libraw
- Purl
- purl:rpm/suse/libraw&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3
SUSE:Linux Enterprise Software Development Kit 12 SP3 / libraw
Package
- Name
- libraw
- Purl
- purl:rpm/suse/libraw&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3