Ubuntu
libraw package

Change logs for libraw source package in Cosmic

  1. Cosmic (18.10)
  2. Change log 
  • libraw (0.18.13-1ubuntu0.1) cosmic-security; urgency=medium

  * SECURITY UPDATE: infinite loop issues
    - debian/patches/CVE-2018-581x.patch: add more checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2018-5817
    - CVE-2018-5818
    - CVE-2018-5819
  * SECURITY UPDATE: stack overflow in parse_makernote
    - debian/patches/CVE-2018-20337.patch: properly calculate length in
      dcraw/dcraw.c, internal/dcraw_common.cpp.
    - CVE-2018-20337
  * SECURITY UPDATE: NULL deref in LibRaw::raw2image
    - debian/patches/CVE-2018-20363.patch: add check in src/libraw_cxx.cpp.
    - CVE-2018-20363
  * SECURITY UPDATE: NULL deref in LibRaw::copy_bayer
    - debian/patches/CVE-2018-20364.patch: add check in src/libraw_cxx.cpp.
    - CVE-2018-20364
  * SECURITY UPDATE: heap overflow in LibRaw::raw2image()
    - debian/patches/CVE-2018-20365.patch: zero filters in dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2018-20365

 -- Marc Deslauriers <email address hidden>  Fri, 17 May 2019 11:50:29 -0400
  • libraw (0.18.13-1) unstable; urgency=medium

  * New upstream release
  * debian/control: S-V bump 4.1.4 -> 4.1.5 (no changes needed)

 -- Matteo F. Vescovi <email address hidden>  Fri, 13 Jul 2018 00:05:29 +0200
  • libraw (0.18.11-1) unstable; urgency=high

  * New upstream release (Closes: #897185, #897186)
    - Fix CVE-2018-10528 and CVE-2018-10529
  * debian/control: S-V bump 4.1.3 -> 4.1.4 (no changes needed)

 -- Matteo F. Vescovi <email address hidden>  Tue, 29 May 2018 23:40:01 +0200
  • libraw (0.18.8-2ubuntu1) cosmic; urgency=medium

  * SECURITY UPDATE: Stack-based buffer overflow
    - debian/patches/CVE-2018-10528.patch: parser possible
      buffer overrun in  src/libraw_cxx.cpp.
    - CVE-2018-10528
  * SECURITY UPDATE: Out-of-bounds read
    - debian/patches/CVE-2018-10529.patch: X3F property table list fix
      in src/libraw_cxx.cpp, internal/libraw_x3f.cpp.
    - CVE-2018-10529

 -- <email address hidden> (Leonidas S. Barbosa)  Wed, 16 May 2018 13:07:00 -0300
  • libraw (0.18.8-2) unstable; urgency=medium

  [ Mattia Rizzolo ]
  * d/control: Update the Vcs-* fields for the move to salsa.debian.org.
  * Use HTTPS in the Homepage field.
  * d/rules: make use of dpkg-buildflags facilities to set LDFLAGS
    built files are bit-by-bit reproducible.
  * d/rules: drop option already passed by dh_auto_configure --prefix=/usr
  * d/rules: drop manual invocation of dh_makeshlibs.
  * Simplify symbols file, collating the architectures filters
    into arch-bits=64/32.

  [ Matteo F. Vescovi ]
  * debian/libraw16.symbols: MISSING entries dropped

 -- Matteo F. Vescovi <email address hidden>  Tue, 06 Mar 2018 22:33:44 +0100
  • libraw (0.18.8-1) unstable; urgency=medium

  * New upstream release
    - debian/libraw16.symbols: symbols updated

 -- Matteo F. Vescovi <email address hidden>  Sun, 04 Mar 2018 15:29:17 +0100