Advisories » MGASA-2017-0468

Updated libraw packages fix security vulnerability

Publication date: 24 Dec 2017
Modification date: 24 Dec 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-16910

Description

Invalid read memory access in the LibRaw::xtrans_interpolate() function.
(CVE-2017-16910)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=22243
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/5CVYH6MZ7FEBYY2TWTMRQKBIK6E2RAHI/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16910

SRPMS

5/core

• libraw-0.16.2-1.5.mga5

6/core

• libraw-0.18.6-1.mga6