SUSE-SU-2022:1277-1

See a problem?
Please try reporting it to the source first.

Source

Import Source

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2022:1277-1

Related

Published

2022-04-20T07:23:56Z

Modified

2022-04-20T07:23:56Z

Summary

Security update for dcraw

Details

This update for dcraw fixes the following issues:

CVE-2017-13735: Fixed a denial of service issue due to a floating point exception (bsc#1056170).
CVE-2017-14608: Fixed an invalid memory access that could lead to information disclosure or denial of service (bsc#1063798).
CVE-2018-19655: Fixed a buffer overflow that could lead to an application crash (bsc#1117896).
CVE-2018-5801: Fixed an invalid memory access that could lead to denial of service (bsc#1084690).
CVE-2018-5805: Fixed a buffer overflow that could lead to an application crash (bsc#1097973).
CVE-2018-5806: Fixed an invalid memory access that could lead to denial of service (bsc#1097974).
CVE-2018-19565: Fixed an invalid memory access that could lead to information disclosure or denial of service (bsc#1117622).
CVE-2018-19566: Fixed an invalid memory access that could lead to information disclosure or denial of service (bsc#1117517).
CVE-2018-19567: Fixed a denial of service issue due to a floating point exception (bsc#1117512).
CVE-2018-19568: Fixed a denial of service issue due to a floating point exception (bsc#1117436).
CVE-2021-3624: Fixed a buffer overflow that could lead to code execution or denial of service (bsc#1189642).

Non-security fixes:

References

Affected packages

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

9.28.0-150000.3.3.1

{
    "binaries": [
        {
            "dcraw": "9.28.0-150000.3.3.1",
            "dcraw-lang": "9.28.0-150000.3.3.1"
        }
    ]
}