Package: libraw / 0.9.1-1+deb6u1
Patch seriesview the series file
|0001 Fix_CVE 2015 3885.patch | (download)||
8 5 + 3 - 0 !
fix_cve-2015-3885 Avoid overflowing array When reading raw image files containing lossless JPEG data, headers could be manipulated to make the signed int variable 'len' negative which specifies how much actual data follows. Interpreted as unsigned, this could lead to reading file data past the 64k boundary of the array used for storing it. To avoid that, make 'len' unsigned short, and bail out early if its value would become invalid (i.e. <= 0). Signed-off-by: Matteo F. Vescovi <firstname.lastname@example.org> Git-Dch: Short