Package: libraw | Debian Sources

Package: libraw / 0.9.1-1+deb6u1

Metadata

Package	Version	Patches format
libraw	0.9.1-1+deb6u1	3.0 (quilt)

Patch series

view the series file

Patch	File delta	Description
0001 Fix_CVE 2015 3885.patch \| (download)	dcraw/dcraw.c \| 8 5 + 3 - 0 ! 1 file changed, 5 insertions(+), 3 deletions(-)	fix_cve-2015-3885 Avoid overflowing array When reading raw image files containing lossless JPEG data, headers could be manipulated to make the signed int variable 'len' negative which specifies how much actual data follows. Interpreted as unsigned, this could lead to reading file data past the 64k boundary of the array used for storing it. To avoid that, make 'len' unsigned short, and bail out early if its value would become invalid (i.e. <= 0). Signed-off-by: Matteo F. Vescovi <mfv@debian.org> Git-Dch: Short

Patch

File delta

Description

0001 Fix_CVE 2015 3885.patch | (download)

dcraw/dcraw.c | 8 5 + 3 - 0 !
1 file changed, 5 insertions(+), 3 deletions(-)

 fix_cve-2015-3885

Avoid overflowing array

When reading raw image files containing lossless JPEG data, headers could be
manipulated to make the signed int variable 'len' negative which specifies
how much actual data follows. Interpreted as unsigned, this could lead to
reading file data past the 64k boundary of the array used for storing it.
To avoid that, make 'len' unsigned short, and bail out early if its value
would become invalid (i.e. <= 0).

Signed-off-by: Matteo F. Vescovi <mfv@debian.org>

Git-Dch: Short