[3.2] libraw: Multi Memory error (CVE-2015-8366, CVE-2015-8367)
CVE-2015-8366: Index overflow in smal_decode_segment
Fixed In Version:
LibRaw 0.17.1
Reference:
http://seclists.org/fulldisclosure/2015/Nov/108
Patch:
https://github.com/LibRaw/LibRaw/commit/89d065424f09b788f443734d44857289489ca9e2
CVE-2015-8367: Memory objects are not intialized properly
Fixed In Version:
LibRaw 0.17.1
Reference:
http://seclists.org/fulldisclosure/2015/Nov/108
Patch:
https://github.com/LibRaw/LibRaw/commit/89d065424f09b788f443734d44857289489ca9e2
(from redmine: issue id 6912, created on 2017-02-21, closed on 2018-05-30)
- Relations:
- parent #6910 (closed)