[Git][security-tracker-team/security-tracker][master] Track fixed version for libraw issues

Thu, 24 Apr 2025 02:28:51 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8e9a1ee0 by Salvatore Bonaccorso at 2025-04-24T11:28:18+02:00
Track fixed version for libraw issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -582,19 +582,19 @@ CVE-2025-43966 (libheif before 1.19.6 has a NULL pointer 
dereference in ImageIte
        - libheif 1.19.7-1
        NOTE: Fixed by: 
https://github.com/strukturag/libheif/commit/b38555387e4b5dcf036fe45b0c440aca19b7b69c
 (v1.19.6)
 CVE-2025-43964 (In LibRaw before 0.21.4, tag 0x412 processing in 
phase_one_correct in  ...)
-       - libraw <unfixed> (bug #1103783)
+       - libraw 0.21.4-1 (bug #1103783)
        NOTE: Fixed by: 
https://github.com/LibRaw/LibRaw/commit/a50dc3f1127d2e37a9b39f57ad9bb2ebb60f18c0
 (0.21.4)
        TODO: check security impact for digikam and darktable
 CVE-2025-43963 (In LibRaw before 0.21.4, phase_one_correct in 
decoders/load_mfbacks.cp ...)
-       - libraw <unfixed> (bug #1103782)
+       - libraw 0.21.4-1 (bug #1103782)
        NOTE: Fixed by: 
https://github.com/LibRaw/LibRaw/commit/be26e7639ecf8beb55f124ce780e99842de2e964
 (0.21.4)
        TODO: check security impact for digikam and darktable
 CVE-2025-43962 (In LibRaw before 0.21.4, phase_one_correct in 
decoders/load_mfbacks.cp ...)
-       - libraw <unfixed> (bug #1103781)
+       - libraw 0.21.4-1 (bug #1103781)
        NOTE: Fixed by: 
https://github.com/LibRaw/LibRaw/commit/66fe663e02a4dd610b4e832f5d9af326709336c2
 (0.21.4)
        TODO: check security impact for digikam and darktable
 CVE-2025-43961 (In LibRaw before 0.21.4, metadata/tiff.cpp has an 
out-of-bounds read i ...)
-       - libraw <unfixed> (bug #1103781)
+       - libraw 0.21.4-1 (bug #1103781)
        NOTE: Fixed by: 
https://github.com/LibRaw/LibRaw/commit/66fe663e02a4dd610b4e832f5d9af326709336c2
 (0.21.4)
        TODO: check security impact for digikam and darktable
 CVE-2025-0632 (Local File Inclusion (LFI) vulnerability in a Render function 
of Formu ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e9a1ee09bf3c38d3a082a3af1ff0396de2fa065

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e9a1ee09bf3c38d3a082a3af1ff0396de2fa065
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to