AVG-681

Package libraw
Status Fixed
Severity Critical
Type multiple issues
Affected 0.18.9-1
Fixed 0.18.10-1
Current 0.19.2-1 [extra]
Ticket FS#58393
Created Sun Apr 29 15:27:28 2018
Issue Severity Remote Type Description
CVE-2018-10529 Medium Yes Information disclosure
An out-of-bounds read has been found in LibRaw before 0.18.10, in the X3F property table list implementation in libraw_x3f.cpp and libraw_cxx.cpp
CVE-2018-10528 Critical Yes Arbitrary code execution
A stack-based buffer overflow has been found in LibRaw before 0.18.10, in the utf2char() function in libraw_cxx.cpp.
Date Advisory Package Description
09 May 2018 ASA-201805-2 libraw multiple issues