AVG-92 log

Package libraw
Status Fixed
Severity Medium
Type incorrect calculation
Affected 0.16.1-1
Fixed 0.17.1-1
Current 0.20.2-1 [extra]
Ticket None
Created Sat Dec 3 22:13:33 2016
Issue Severity Remote Type Description
CVE-2015-8367 Medium Yes Incorrect calculation
It was found that phase_one_correct function in libraw does not handle memory object’s initialization correctly, which may have unspecified impact.
CVE-2015-8366 Medium Yes Incorrect calculation
It was found that smal_decode_segment function in libraw do not handle index carefully, which may cause index overflow.