+++ This bug was initially created as a clone of Bug #22695 +++ Fedora has issued an advisory on February 27: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/B2PPQE4XNFYLZ3D72RAUVE6Z227YZ7BH/ 0.18.7 fixed CVE-2018-5800 CVE-2018-5801 CVE-2018-5802, aka SA79000. 0.18.8 fixed SA81000 (Secunia Advisory 81000). openSUSE has issued an advisory for this today (March 18): https://lists.opensuse.org/opensuse-updates/2018-03/msg00063.html Upstream commits from the 0.18.x branch: https://github.com/LibRaw/LibRaw/commit/4cb60a6c8f1ec54e51e805d94213f4d49d6118f6 https://github.com/LibRaw/LibRaw/commit/9f26ce37f5be86ea11bfc6831366558650b1f6ff We fixed these for Mageia 6 in Bug 22695. Mageia 5 is also affected. It'd be nice to at least get fixes in SVN for these.
Ubuntu has issued an advisory today (April 3): https://usn.ubuntu.com/3615-1/ It fixed at least the 0.18.7 issues, as well as CVE-2017-16909, which I don't believe we've fixed yet in Mageia 5. They fixed 0.17.x and 0.15.x, so we can probably adapt patches for 0.16.x.
0.18.9 fixed SA81800 and some buffer and stack overruns: https://www.libraw.org/download
Summary: libraw minor security fixes upstream in 0.18.8 => libraw minor security fixes upstream in 0.18.9Depends on: (none) => 22956
Two more vulnerabilities were discovered in 0.18.9. openSUSE has issued an advisory for this today (May 3): https://lists.opensuse.org/opensuse-updates/2018-05/msg00009.html
Summary: libraw minor security fixes upstream in 0.18.9 => libraw minor security fixes upstream in 0.18.9 (plus CVE-2018-10528 and CVE-2018-10529)
Status comment: (none) => Patches available from openSUSE, Ubuntu, and upstream
The CVEs were fixed in 0.18.10. 0.18.11 fixes SA83050 and other issues: https://www.libraw.org/download
Summary: libraw minor security fixes upstream in 0.18.9 (plus CVE-2018-10528 and CVE-2018-10529) => libraw security fixes upstream in 0.18.11 (including CVE-2018-10528 and CVE-2018-10529)
Ubuntu has issued an advisory for the CVE issues on May 8: https://usn.ubuntu.com/3639-1/
0.18.12 fixes SA83507 and an integer overflow: https://www.libraw.org/download
Summary: libraw security fixes upstream in 0.18.11 (including CVE-2018-10528 and CVE-2018-10529) => libraw security fixes upstream in 0.18.12 (including CVE-2018-10528 and CVE-2018-10529)
0.18.13 fixes two more security issues: https://www.libraw.org/download - fixed possible stack overrun while reading zero-sized strings - fixed possible integer overflow Fedora has issued an advisory for this today (July 24): https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SAILUJLX73GTMC4BTJPFRXMDQIFLWFMV/
Summary: libraw security fixes upstream in 0.18.12 (including CVE-2018-10528 and CVE-2018-10529) => libraw security fixes upstream in 0.18.13 (including CVE-2018-10528 and CVE-2018-10529)
0.18.9 fixed CVE-2018-5807 and CVE-2018-581[0-2]: https://bugzilla.suse.com/show_bug.cgi?id=1103361 https://bugzilla.suse.com/show_bug.cgi?id=1103353 https://bugzilla.suse.com/show_bug.cgi?id=1103359 https://bugzilla.suse.com/show_bug.cgi?id=1103360 0.18.11 fixed CVE-2018-5813: https://bugzilla.redhat.com/show_bug.cgi?id=1609954 0.18.12 fixed CVE-2018-5815: https://bugzilla.suse.com/show_bug.cgi?id=1103206 openSUSE has issued an advisory for this today (August 10): https://lists.opensuse.org/opensuse-updates/2018-08/msg00068.html
Summary: libraw security fixes upstream in 0.18.13 (including CVE-2018-10528 and CVE-2018-10529) => libraw security fixes upstream in 0.18.13 (including CVE-2018-1052[89], CVE-2018-5807, CVE-2018-581[0-3,5])
0.18.12 fixed CVE-2018-5816: https://bugzilla.redhat.com/show_bug.cgi?id=1610156
Summary: libraw security fixes upstream in 0.18.13 (including CVE-2018-1052[89], CVE-2018-5807, CVE-2018-581[0-3,5]) => libraw security fixes upstream in 0.18.13 (including CVE-2018-1052[89], CVE-2018-5807, CVE-2018-581[0-3,56])
The limited support Mga5 continued to have after its official EOL has ended, so closing this bug as OLD.
Resolution: (none) => OLDStatus: NEW => RESOLVEDCC: (none) => marja11