Security update for libraw SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2019:0094-1 Final 1 1 2019-03-23T10:50:41Z current 2019-03-23T10:50:41Z 2019-03-23T10:50:41Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for libraw This update for libraw fixes the following issues: Security issues fixed: - CVE-2018-20337: Fixed a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp (bsc#1120519) - CVE-2018-20365: Fixed a heap-based buffer overflow in the raw2image function of libraw_cxx.cpp (bsc#1120500) - CVE-2018-20364: Fixed a NULL pointer dereference in the copy_bayer function of libraw_cxx.cpp (bsc#1120499) - CVE-2018-20363: Fixed a NULL pointer dereference in the raw2image function of libraw_cxx.cpp (bsc#1120498) - CVE-2018-5817: Fixed an infinite loop in the unpacked_load_raw function of dcraw_common.cpp (bsc#1120515) - CVE-2018-5818: Fixed an infinite loop in the parse_rollei function of dcraw_common.cpp (bsc#1120516) - CVE-2018-5819: Fixed a denial of service in the parse_sinar_ia function of dcraw_common.cpp (bsc#1120517) This update was imported from the SUSE:SLE-15:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2019-94 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00045.html E-Mail link for openSUSE-SU-2019:0094-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1120498 SUSE Bug 1120498 https://bugzilla.suse.com/1120499 SUSE Bug 1120499 https://bugzilla.suse.com/1120500 SUSE Bug 1120500 https://bugzilla.suse.com/1120515 SUSE Bug 1120515 https://bugzilla.suse.com/1120516 SUSE Bug 1120516 https://bugzilla.suse.com/1120517 SUSE Bug 1120517 https://bugzilla.suse.com/1120519 SUSE Bug 1120519 https://www.suse.com/security/cve/CVE-2018-20337/ SUSE CVE CVE-2018-20337 page https://www.suse.com/security/cve/CVE-2018-20363/ SUSE CVE CVE-2018-20363 page https://www.suse.com/security/cve/CVE-2018-20364/ SUSE CVE CVE-2018-20364 page https://www.suse.com/security/cve/CVE-2018-20365/ SUSE CVE CVE-2018-20365 page https://www.suse.com/security/cve/CVE-2018-5817/ SUSE CVE CVE-2018-5817 page https://www.suse.com/security/cve/CVE-2018-5818/ SUSE CVE CVE-2018-5818 page https://www.suse.com/security/cve/CVE-2018-5819/ SUSE CVE CVE-2018-5819 page openSUSE Leap 15.0 libraw-devel-0.18.9-lp150.2.6.1 libraw-devel-static-0.18.9-lp150.2.6.1 libraw-tools-0.18.9-lp150.2.6.1 libraw16-0.18.9-lp150.2.6.1 libraw-devel-0.18.9-lp150.2.6.1 as a component of openSUSE Leap 15.0 libraw-devel-static-0.18.9-lp150.2.6.1 as a component of openSUSE Leap 15.0 libraw-tools-0.18.9-lp150.2.6.1 as a component of openSUSE Leap 15.0 libraw16-0.18.9-lp150.2.6.1 as a component of openSUSE Leap 15.0 There is a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact. CVE-2018-20337 openSUSE Leap 15.0:libraw-devel-0.18.9-lp150.2.6.1 openSUSE Leap 15.0:libraw-devel-static-0.18.9-lp150.2.6.1 openSUSE Leap 15.0:libraw-tools-0.18.9-lp150.2.6.1 openSUSE Leap 15.0:libraw16-0.18.9-lp150.2.6.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00045.html https://www.suse.com/security/cve/CVE-2018-20337.html CVE-2018-20337 https://bugzilla.suse.com/1120519 SUSE Bug 1120519 LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference. CVE-2018-20363 openSUSE Leap 15.0:libraw-devel-0.18.9-lp150.2.6.1 openSUSE Leap 15.0:libraw-devel-static-0.18.9-lp150.2.6.1 openSUSE Leap 15.0:libraw-tools-0.18.9-lp150.2.6.1 openSUSE Leap 15.0:libraw16-0.18.9-lp150.2.6.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00045.html https://www.suse.com/security/cve/CVE-2018-20363.html CVE-2018-20363 https://bugzilla.suse.com/1120498 SUSE Bug 1120498 LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference. CVE-2018-20364 openSUSE Leap 15.0:libraw-devel-0.18.9-lp150.2.6.1 openSUSE Leap 15.0:libraw-devel-static-0.18.9-lp150.2.6.1 openSUSE Leap 15.0:libraw-tools-0.18.9-lp150.2.6.1 openSUSE Leap 15.0:libraw16-0.18.9-lp150.2.6.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00045.html https://www.suse.com/security/cve/CVE-2018-20364.html CVE-2018-20364 https://bugzilla.suse.com/1120499 SUSE Bug 1120499 LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow. CVE-2018-20365 openSUSE Leap 15.0:libraw-devel-0.18.9-lp150.2.6.1 openSUSE Leap 15.0:libraw-devel-static-0.18.9-lp150.2.6.1 openSUSE Leap 15.0:libraw-tools-0.18.9-lp150.2.6.1 openSUSE Leap 15.0:libraw16-0.18.9-lp150.2.6.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00045.html https://www.suse.com/security/cve/CVE-2018-20365.html CVE-2018-20365 https://bugzilla.suse.com/1120498 SUSE Bug 1120498 https://bugzilla.suse.com/1120499 SUSE Bug 1120499 https://bugzilla.suse.com/1120500 SUSE Bug 1120500 A type confusion error within the "unpacked_load_raw()" function within LibRaw versions prior to 0.19.1 (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop. CVE-2018-5817 openSUSE Leap 15.0:libraw-devel-0.18.9-lp150.2.6.1 openSUSE Leap 15.0:libraw-devel-static-0.18.9-lp150.2.6.1 openSUSE Leap 15.0:libraw-tools-0.18.9-lp150.2.6.1 openSUSE Leap 15.0:libraw16-0.18.9-lp150.2.6.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00045.html https://www.suse.com/security/cve/CVE-2018-5817.html CVE-2018-5817 https://bugzilla.suse.com/1120515 SUSE Bug 1120515 An error within the "parse_rollei()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to trigger an infinite loop. CVE-2018-5818 openSUSE Leap 15.0:libraw-devel-0.18.9-lp150.2.6.1 openSUSE Leap 15.0:libraw-devel-static-0.18.9-lp150.2.6.1 openSUSE Leap 15.0:libraw-tools-0.18.9-lp150.2.6.1 openSUSE Leap 15.0:libraw16-0.18.9-lp150.2.6.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00045.html https://www.suse.com/security/cve/CVE-2018-5818.html CVE-2018-5818 https://bugzilla.suse.com/1120516 SUSE Bug 1120516 An error within the "parse_sinar_ia()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to exhaust available CPU resources. CVE-2018-5819 openSUSE Leap 15.0:libraw-devel-0.18.9-lp150.2.6.1 openSUSE Leap 15.0:libraw-devel-static-0.18.9-lp150.2.6.1 openSUSE Leap 15.0:libraw-tools-0.18.9-lp150.2.6.1 openSUSE Leap 15.0:libraw16-0.18.9-lp150.2.6.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00045.html https://www.suse.com/security/cve/CVE-2018-5819.html CVE-2018-5819 https://bugzilla.suse.com/1120517 SUSE Bug 1120517