Updated libraw packages fix security vulnerabilities
Publication date: 10 Dec 2015Modification date: 07 Mar 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-8366 , CVE-2015-8367
Description
Updated libraw packages fix security vulnerabilities: It was found that smal_decode_segment function do not handle index carefully, which may cause index overflow (CVE-2015-8366). It was found that phase_one_correct function does not handle memory object's initialization correctly, which may have unspecified impact (CVE-2015-8367).
References
SRPMS
5/core
- libraw-0.16.2-1.1.mga5