——————————————————————————–
Fedora Update Notification
FEDORA-2018-08ea7a5f0b
2018-05-15 19:52:12.739846
——————————————————————————–

Name : LibRaw
Product : Fedora 27
Version : 0.18.11
Release : 1.fc27
URL : http://www.libraw.org
Summary : Library for reading RAW files obtained from digital photo cameras
Description :
LibRaw is a library for reading RAW files obtained from digital photo
cameras (CRW/CR2, NEF, RAF, DNG, and others).

LibRaw is based on the source codes of the dcraw utility, where part of
drawbacks have already been eliminated and part will be fixed in future.

——————————————————————————–
Update Information:

https://www.libraw.org/news/libraw-0-18-11 —- CVE-2018-10529 fixed: out
of bounds read in X3F parser CVE-2018-10528 fixed: possible stack overrun in
X3F parser
——————————————————————————–
ChangeLog:

* Thu May 10 2018 Gwyn Ciesla <limburgher@gmail.com> – 0.18.11-1
– 0.18.11.
* Thu May 3 2018 Gwyn Ciesla <limburgher@gmail.com> – 0.18.10-1
– 0.18.10.
* Wed Apr 25 2018 Gwyn Ciesla <limburgher@gmail.com> – 0.18.9-1
– 0.18.9.
* Sat Feb 24 2018 Gwyn Ciesla <limburgher@gmail.com> – 0.18.8-1
– 0.18.8.
* Wed Feb 7 2018 Fedora Release Engineering <releng@fedoraproject.org> – 0.18.7-3
– Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Fri Feb 2 2018 Gwyn Ciesla <limburgher@gmail.com> – 0.18.7-2
– Patch for updated glibc.
* Fri Jan 19 2018 Gwyn Ciesla <limburgher@gmail.com> – 0.18.7-1
– 0.18.7
– Patch for ambiguous function call.
* Wed Dec 6 2017 Gwyn Ciesla <limburgher@gmail.com> – 0.18.6-1
– 0.18.6
——————————————————————————–
References:

[ 1 ] Bug #1576801 – LibRaw-0.18.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1576801
[ 2 ] Bug #1574326 – CVE-2018-10529 LibRaw: Out-of-bounds read in X3F property table list functionality in libraw_x3f.cpp and libraw_cxx.cpp [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1574326
[ 3 ] Bug #1574322 – CVE-2018-10528 LibRaw: Stack-based buffer overflow in libraw_cxx.cpp:utf2char() allows for potential code execution [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1574322
[ 4 ] Bug #1574486 – LibRaw-0.18.10 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1574486
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2018-08ea7a5f0b’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2018-d3b44e5574
2018-05-16 13:05:35.606735
——————————————————————————–

Name : mingw-LibRaw
Product : Fedora 28
Version : 0.18.10
Release : 1.fc28
URL : http://www.libraw.org
Summary : Library for reading RAW files obtained from digital photo cameras
Description :
MinGW Windows LibRaw library.

——————————————————————————–
Update Information:

Update to LibRaw-0.18.10, see https://www.libraw.org/news/libraw-0-18-10 for
details. —- Update to LibRaw-0.18.9, see
https://www.libraw.org/news/libraw-0-18-9 for details.
——————————————————————————–
ChangeLog:

* Mon May 7 2018 Sandro Mani <manisandro@gmail.com> – 0.18.10-1
– Update to 0.18.10
* Wed Apr 25 2018 Sandro Mani <manisandro@gmail.com> – 0.18.9-1
– Update to 0.18.9
——————————————————————————–
References:

[ 1 ] Bug #1574327 – CVE-2018-10529 mingw-LibRaw: LibRaw: Out-of-bounds read in X3F property table list functionality in libraw_x3f.cpp and libraw_cxx.cpp [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1574327
[ 2 ] Bug #1574319 – CVE-2018-10528 mingw-LibRaw: LibRaw: Stack-based buffer overflow in libraw_cxx.cpp:utf2char() allows for potential code execution [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1574319
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2018-d3b44e5574’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org