Bug #7922: libraw: multiple issues (CVE-2017-13735, CVE-2017-14265)
[3.7] libraw: multiple issues (CVE-2017-13735, CVE-2017-14265)
CVE-2017-13735: There is a floating point exception in the kodak_radc_load_raw function in
dcraw_common.cpp in LibRaw 0.18.2. It will lead to a remote denial of service attack.
CVE-2017-14265: A Stack-based Buffer Overflow was discovered in xtrans_interpolate in internal/dcraw_common.cpp
in LibRaw before 0.18.3. It could allow a remote denial of service or code execution attack.