SUSE-SU-2025:1568-1

Source
https://www.suse.com/support/update/announcement/2025/suse-su-20251568-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:1568-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2025:1568-1
Related
Published
2025-05-16T13:42:49Z
Modified
2025-05-22T10:59:11.005724Z
Upstream
Summary
Security update for libraw
Details

This update for libraw fixes the following issues:

  • CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cpp (bsc#1241643)
  • CVE-2025-43962: Fixed out-of-bounds read when tag 0x412 processing in phaseonecorrect function (bsc#1241585)
  • CVE-2025-43963: Fixed out-of-buffer access during phaseonecorrect in decoders/load_mfbacks.cpp (bsc#1241642)
  • CVE-2025-43964: Fixed tag 0x412 processing in phaseonecorrect does not enforce minimum w0 and w1 values (bsc#1241584)
References

Affected packages