Moritz Muehlenhoff <[email protected]> writes:

> Source: libraw
> Severity: grave
> Tags: security
>
> Please see
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6886
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6887

I started to look at this, but gave up on (me) fixing it for the initial stretch release.

1. Between the version in stretch and the version being patched, upstream has run the 15k line dcraw.c through clang-format, which means the patch referenced in the CVE would need to move about 2k lines to apply :(.

2. As I started to try to hand apply upstream d7c3d2cb460be10, I realized there are security related changes from some other commit

- if (len > 2560000 || !(cbuf = (char *)malloc(len)))
+ if (len < 1 || len > 2560000 || !(cbuf = (char *)malloc(len)))

in particular the (len > 2560000) is not present in the code in stretch. It seems to come from upstream commit 8d0935 [3 files changed, 208 insertions(+), 154 deletions(-)], which also would need hand applying, or some other cleverness.
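
Review bot: the `len < 1` test added in the `+` line only rejects negative values if `len` is a signed type, and these two lines do not show its declaration, so the type is worth confirming in the stretch copy of dcraw.c before hand-applying. Because the message says the `len > 2560000` bound is missing in stretch, a backport of this line needs to carry both bounds together rather than only the new lower one. The literal 2560000 is also unexplained in the visible lines; a named constant or a short comment on where the limit comes from would make the check easier to audit.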
