Advisories » MGASA-2023-0082

Updated libraw packages fix security vulnerability

Publication date: 01 Mar 2023
Type: security
Affected Mageia releases : 8
CVE: CVE-2021-32142

Description

Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker
to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int)
in /src/libraw/src/libraw_datastream.cpp. (CVE-2021-32142)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=31594
• https://lists.suse.com/pipermail/sle-security-updates/2023-February/013886.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32142

SRPMS

8/core

• libraw-0.20.2-1.1.mga8