Advisories » MGASA-2019-0017

Updated dcraw packages fix security vulnerability

Publication date: 06 Jan 2019
Modification date: 06 Jan 2019
Type: security
Affected Mageia releases : 6
CVE: CVE-CVE-2018-5801

Description

A NULL pointer dereference flaw was found in the way dcraw processed
images. An attacker could potentially use this flaw to crash dcraw by
tricking it into processing crafted images (CVE-2018-5801).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=23252
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/B4QRYU6SJD34FIOACDR2QA5F4C3CWPOB/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-CVE-2018-5801

SRPMS

6/core

• dcraw-9.27.0-1.1.mga6