Advisories ยป MGASA-2017-0223

Updated libraw packages fix security vulnerabilities

Publication date: 28 Jul 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2017-6886 , CVE-2017-6887 , CVE-2017-6889 , CVE-2017-6890

Description

A memory corruption in parse_tiff_ifd() function (CVE-2017-6886).

A memory corruption via e.g. a specially crafted KDC file
parse_tiff_ifd() (CVE-2017-6887).

An integer overflow error within the "foveon_load_camf()" function
(CVE-2017-6889).

A boundary error within the "foveon_load_camf()" function
(CVE-2017-6890).
                

References

SRPMS

5/core