oss-sec mailing list archives
Re: CVE request: libraw: multiple issues
From: Kurt Seifried <kseifried () redhat com>
Date: Wed, 29 May 2013 12:00:37 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 05/29/2013 03:18 AM, Raphael Geissert wrote:
Hi Kurt, On 28 May 2013 19:58, Kurt Seifried <kseifried () redhat com> wrote:On 05/28/2013 02:43 AM, Raphael Geissert wrote:So there's a double-free (fixed in 0.15.2[3])https://github.com/LibRaw/LibRaw/commit/19ffddb0fe1a4ffdb459b797ffcf7f490d28b5a6
Please
use CVE-2013-2126 for this issue.
and a buffer overflow (fixed in 0.15.1[2]).https://github.com/LibRaw/LibRaw/commit/2f912f5b33582961b1cdbd9fd828589f8b78f21d
Please
use CVE-2013-2127 for this issue.
Cheers, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net
Thanks - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iQIcBAEBAgAGBQJRpkJEAAoJEBYNRVNeJnmTVZYP/R5M80Qjy91ZN3hoYmsywB7V KE8Tgwm1LsxWNvoHm5/ml7kEphNwrwPsxJeiKfZG1lql1N3I4Rd3eGLZZCn88WNk EJ1JeSDxE5XIpApnReXHBfCk3OGsHcotRhGj+7b+LCLqOcQW/f/MPQ3yVSMab8Pz QhFTg0t2TDthhAEQWi4PbwgVTPEb+UZtWo8gV4EF6rOWC45ZVOg/l5A+V0eBvt3j 7SKRqxCdx5WTd3bK/t6T1jeQQi8BKF0AJ9q36AV5QObEcdvO992BXjt+bGxfwduk xpkChFcSmO17rd+NDWREO4Xr6AdUGD0JlhNsOD+q4+l51YCeZ5a7pumMwCxGVueE uBc9ztzvt8HekYgAV3vUgjGAHHistzSVQe9LfvxSwDotzGm6HSMtpvxogOMwXJbF eTr4AOBdLeV5cEbCZ+wXvLOFxr7AuNoO/by4pEb7YMMTacfFcv4Xy6uPjFQ63STS AGVn6/kN4ZB3xVZRTUePg+xWsgGUQKkeiWiV0N37JorHrNW2F9IwPLZxU4JqGGWA mR6HTxDzN1s8IykfuHM8hI/v1AHFr18gcxDlVitcN8zQWtKYXh5leDyEAQf8oLp2 kqo/rljhijQdvhburnPBf91uJjrm7oYnrx4p5PaiG9e9oGEBZdzEe56teVOPUjjR BMZbIiKtJRQWOlZE9InY =bs8g -----END PGP SIGNATURE-----
Current thread:
- CVE request: libraw: multiple issues Raphael Geissert (May 28)
- Re: CVE request: libraw: multiple issues Kurt Seifried (May 28)
- Re: CVE request: libraw: multiple issues Raphael Geissert (May 29)
- Re: CVE request: libraw: multiple issues Kurt Seifried (May 29)
- Re: CVE request: libraw: multiple issues Raphael Geissert (Jun 04)
- Re: CVE request: libraw: multiple issues Alexander Bergmann (Jun 10)
- Re: CVE request: libraw: multiple issues Raphael Geissert (Jun 11)
- Re: CVE request: libraw: multiple issues Raphael Geissert (May 29)
- Re: CVE request: libraw: multiple issues Kurt Seifried (May 28)