SUSE-SU-2025:1568-1
- Source
- https://www.suse.com/support/update/announcement/2025/suse-su-20251568-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:1568-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2025:1568-1
- Related
- Published
- 2025-05-16T13:42:49Z
- Modified
- 2025-05-22T10:59:11.005724Z
- Upstream
- Summary
- Security update for libraw
- Details
-
This update for libraw fixes the following issues:
- CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cpp (bsc#1241643)
- CVE-2025-43962: Fixed out-of-bounds read when tag 0x412 processing in phaseonecorrect function (bsc#1241585)
- CVE-2025-43963: Fixed out-of-buffer access during phaseonecorrect in decoders/load_mfbacks.cpp (bsc#1241642)
- CVE-2025-43964: Fixed tag 0x412 processing in phaseonecorrect does not enforce minimum w0 and w1 values (bsc#1241584)
- References
-
- https://www.suse.com/support/update/announcement/2025/suse-su-20251568-1/
- https://bugzilla.suse.com/1241584
- https://bugzilla.suse.com/1241585
- https://bugzilla.suse.com/1241642
- https://bugzilla.suse.com/1241643
- https://www.suse.com/security/cve/CVE-2025-43961
- https://www.suse.com/security/cve/CVE-2025-43962
- https://www.suse.com/security/cve/CVE-2025-43963
- https://www.suse.com/security/cve/CVE-2025-43964