oss-sec mailing list archives
Re: CVE request: libraw: multiple issues
From: Raphael Geissert <geissert () debian org>
Date: Tue, 11 Jun 2013 10:30:42 +0200
Hi, On 10 June 2013 12:16, Alexander Bergmann <abergmann () suse com> wrote:
In which libraw version was this problem actually introduced?
I don't know exactly, CC'ing upstream for this.
darktable uses embedded libraw 0.14.7 libkdcraw uses embedded libraw 0.15.0 I found a commit that introduced the "// allocate image as temporary buffer, size" stuff within commit 1a8e92ff, and that was part of 0.14.0.
libkdcraw, as it used to be included in kdegraphics in KDE 4.4, used libraw 0.8.x and possibly older versions. Cheers, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net
Current thread:
- CVE request: libraw: multiple issues Raphael Geissert (May 28)
- Re: CVE request: libraw: multiple issues Kurt Seifried (May 28)
- Re: CVE request: libraw: multiple issues Raphael Geissert (May 29)
- Re: CVE request: libraw: multiple issues Kurt Seifried (May 29)
- Re: CVE request: libraw: multiple issues Raphael Geissert (Jun 04)
- Re: CVE request: libraw: multiple issues Alexander Bergmann (Jun 10)
- Re: CVE request: libraw: multiple issues Raphael Geissert (Jun 11)
- Re: CVE request: libraw: multiple issues Raphael Geissert (May 29)
- Re: CVE request: libraw: multiple issues Kurt Seifried (May 28)