Security update for libraw SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2018:4299-1 Final 1 1 2018-12-28T17:28:04Z current 2018-12-28T17:28:04Z 2018-12-28T17:28:04Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for libraw This update for libraw fixes the following issues: The following security vulnerabilities were addressed: - CVE-2018-5804: Fixed a type confusion error within the identify function that could trigger a division by zero, leading to a denial of service (Dos). (boo#1097975) - CVE-2018-5805: Fixed a boundary error within the quicktake_100_load_raw function that could cause a stack-based buffer overflow and subsequently trigger a crash. (boo#1097973) - CVE-2018-5806: Fixed an error within the leaf_hdr_load_raw function that could trigger a NULL pointer deference, leading to a denial of service (DoS). (boo#1097974) - CVE-2018-5808: Fixed an error within the find_green function that could cause a stack-based buffer overflow and subsequently execute arbitrary code. (boo#1118894) - CVE-2018-5816: Fixed a type confusion error within the identify function that could trigger a division by zero, leading to a denial of service (DoS). (boo#1097975) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2018-12/msg00072.html E-Mail link for openSUSE-SU-2018:4299-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.3 libraw-0.17.1-26.1 libraw-devel-0.17.1-26.1 libraw-devel-static-0.17.1-26.1 libraw-tools-0.17.1-26.1 libraw15-0.17.1-26.1 libraw-0.17.1-26.1 as a component of openSUSE Leap 42.3 libraw-devel-0.17.1-26.1 as a component of openSUSE Leap 42.3 libraw-devel-static-0.17.1-26.1 as a component of openSUSE Leap 42.3 libraw-tools-0.17.1-26.1 as a component of openSUSE Leap 42.3 libraw15-0.17.1-26.1 as a component of openSUSE Leap 42.3 A type confusion error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a division by zero. CVE-2018-5804 openSUSE Leap 42.3:libraw-0.17.1-26.1 openSUSE Leap 42.3:libraw-devel-0.17.1-26.1 openSUSE Leap 42.3:libraw-devel-static-0.17.1-26.1 openSUSE Leap 42.3:libraw-tools-0.17.1-26.1 openSUSE Leap 42.3:libraw15-0.17.1-26.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-12/msg00072.html https://www.suse.com/security/cve/CVE-2018-5804.html CVE-2018-5804 https://bugzilla.suse.com/1097975 SUSE Bug 1097975 A boundary error within the "quicktake_100_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to cause a stack-based buffer overflow and subsequently cause a crash. CVE-2018-5805 openSUSE Leap 42.3:libraw-0.17.1-26.1 openSUSE Leap 42.3:libraw-devel-0.17.1-26.1 openSUSE Leap 42.3:libraw-devel-static-0.17.1-26.1 openSUSE Leap 42.3:libraw-tools-0.17.1-26.1 openSUSE Leap 42.3:libraw15-0.17.1-26.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-12/msg00072.html https://www.suse.com/security/cve/CVE-2018-5805.html CVE-2018-5805 https://bugzilla.suse.com/1097973 SUSE Bug 1097973 An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference. CVE-2018-5806 openSUSE Leap 42.3:libraw-0.17.1-26.1 openSUSE Leap 42.3:libraw-devel-0.17.1-26.1 openSUSE Leap 42.3:libraw-devel-static-0.17.1-26.1 openSUSE Leap 42.3:libraw-tools-0.17.1-26.1 openSUSE Leap 42.3:libraw15-0.17.1-26.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-12/msg00072.html https://www.suse.com/security/cve/CVE-2018-5806.html CVE-2018-5806 https://bugzilla.suse.com/1097974 SUSE Bug 1097974 An error within the "find_green()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code. CVE-2018-5808 openSUSE Leap 42.3:libraw-0.17.1-26.1 openSUSE Leap 42.3:libraw-devel-0.17.1-26.1 openSUSE Leap 42.3:libraw-devel-static-0.17.1-26.1 openSUSE Leap 42.3:libraw-tools-0.17.1-26.1 openSUSE Leap 42.3:libraw15-0.17.1-26.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-12/msg00072.html https://www.suse.com/security/cve/CVE-2018-5808.html CVE-2018-5808 https://bugzilla.suse.com/1117896 SUSE Bug 1117896 https://bugzilla.suse.com/1118891 SUSE Bug 1118891 https://bugzilla.suse.com/1118894 SUSE Bug 1118894 An integer overflow error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited to trigger a division by zero via specially crafted NOKIARAW file (Note: This vulnerability is caused due to an incomplete fix of CVE-2018-5804). CVE-2018-5816 openSUSE Leap 42.3:libraw-0.17.1-26.1 openSUSE Leap 42.3:libraw-devel-0.17.1-26.1 openSUSE Leap 42.3:libraw-devel-static-0.17.1-26.1 openSUSE Leap 42.3:libraw-tools-0.17.1-26.1 openSUSE Leap 42.3:libraw15-0.17.1-26.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-12/msg00072.html https://www.suse.com/security/cve/CVE-2018-5816.html CVE-2018-5816 https://bugzilla.suse.com/1097975 SUSE Bug 1097975