Change log for libraw package in Ubuntu

175 of 108 results
Published in noble-proposed
libraw (0.21.2-2.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Rename libraries for 64-bit time_t transition.  Closes: #1062601

 -- Benjamin Drung <email address hidden>  Wed, 28 Feb 2024 19:43:42 +0000

Available diffs

Published in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
libraw (0.21.2-2) unstable; urgency=medium

  [ Debian Janitor ]
  * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository-Browse.

  [ Matthias Klose ]
  * Mark symbols as optional not seen when building with lto. (Closes:
    #1015516)

  [ Heather Ellsworth ]
  * Open merge request against gitlab on salsa.debian.org

  [ Olivier Tilloy ]
  * Mark C++ template instantiations optional
    (This was already done in Debian due to gcc-13 symbols changes

  [ Gianfranco Costamagna ]
  * Team upload
  * Sort symbols
  * Drop duplicated symbols

 -- Gianfranco Costamagna <email address hidden>  Mon, 15 Jan 2024 10:04:22 +0100
Superseded in noble-proposed
libraw (0.21.2-2~build1) noble; urgency=medium

  [ Debian Janitor ]
  * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository-Browse.

  [ Matthias Klose ]
  * Mark symbols as optional not seen when building with lto. (Closes:
    #1015516)

  [ Gianfranco Costamagna ]
  * Sort symbols
  * Drop duplicated symbols

 -- Gianfranco Costamagna <email address hidden>  Mon, 15 Jan 2024 10:04:22 +0100
Superseded in noble-proposed
libraw (0.21.2-1) unstable; urgency=medium

  * New upstream release
  * debian/patches/: patchset updated
    - Old patches dropped (merged upstream)
    - 0001-CR3-Qstep-table-avoid-wrong-64-bit-code-generation.patch added
    (Closes: #1060257)

 -- Matteo F. Vescovi <email address hidden>  Sun, 14 Jan 2024 18:24:49 +0100
Published in focal-updates
Published in focal-security
libraw (0.19.5-1ubuntu1.3) focal-security; urgency=medium

  * SECURITY UPDATE: DoS via out-of-bounds read
    - debian/patches/CVE-2020-22628.patch: early reject images w/ broken
      pixel aspect ratio in dcraw/dcraw.c, internal/dcraw_common.cpp.
    - CVE-2020-22628

 -- Marc Deslauriers <email address hidden>  Thu, 14 Sep 2023 13:09:14 -0400
Superseded in noble-release
Published in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic)
libraw (0.21.1-7ubuntu2) mantic; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Mark C++ template instantiation symbols optional
    - Mark symbols as optional not seen when building with lto

 -- Gianfranco Costamagna <email address hidden>  Tue, 25 Jul 2023 12:36:04 +0200
Superseded in mantic-proposed
libraw (0.21.1-7ubuntu1) mantic; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Mark C++ template instantiation symbols optional
    - Mark symbols as optional not seen when building with lto

 -- Gianfranco Costamagna <email address hidden>  Tue, 25 Jul 2023 12:36:04 +0200
Superseded in mantic-proposed
libraw (0.21.1-7) unstable; urgency=medium

  * debian/libraw23.symbols: more symbols fixing

 -- Matteo F. Vescovi <email address hidden>  Mon, 24 Jul 2023 14:22:16 +0200
Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic)
libraw (0.21.1-6ubuntu2) mantic; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Mark C++ template instantiation symbols optional
    - Mark symbols as optional not seen when building with lto

 -- Gianfranco Costamagna <email address hidden>  Sun, 23 Jul 2023 09:13:55 +0200
Superseded in mantic-proposed
libraw (0.21.1-6ubuntu1) mantic; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Mark C++ template instantiation symbols optional
    - Mark symbols as optional not seen when building with lto

Superseded in mantic-proposed
libraw (0.21.1-6) unstable; urgency=medium

  * debian/patches/: patchset updated
    - 0002-raw-identify-use-fallback-if-PATH_MAX-not-available.patch added
  * debian/libraw23.symbols: initial fix after gcc-13

 -- Matteo F. Vescovi <email address hidden>  Sat, 22 Jul 2023 23:08:47 +0200
Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic)
libraw (0.21.1-5ubuntu1) mantic; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Mark C++ template instantiation symbols optional
    - Mark symbols as optional not seen when building with lto

Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic)
libraw (0.21.1-4ubuntu1) mantic; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Mark C++ template instantiation symbols optional
    - Mark symbols as optional not seen when building with lto

 -- Gianfranco Costamagna <email address hidden>  Sat, 15 Jul 2023 08:45:55 +0200
Superseded in mantic-proposed
libraw (0.21.1-4) unstable; urgency=medium

  * Upload to unstable

 -- Matteo F. Vescovi <email address hidden>  Sun, 02 Jul 2023 16:56:51 +0200
Superseded in focal-updates
Superseded in focal-security
libraw (0.19.5-1ubuntu1.2) focal-security; urgency=medium

  * SECURITY UPDATE: denial of service via buffer overflow
    - debian/patches/CVE-2021-32142.patch: check for input buffer size on
      datastream::gets in src/libraw_datastream.cpp.
    - CVE-2021-32142
  * SECURITY UPDATE: heap-buffer-overflow in raw2image_ex()
    - debian/patches/CVE-2023-1729.patch: do not set shrink flag for 3/4
      component images in src/libraw_cxx.cpp.
    - CVE-2023-1729

 -- Marc Deslauriers <email address hidden>  Thu, 01 Jun 2023 13:13:14 -0400
Obsolete in kinetic-updates
Obsolete in kinetic-security
libraw (0.20.2-2ubuntu2.22.10.1) kinetic-security; urgency=medium

  * SECURITY UPDATE: denial of service via buffer overflow
    - debian/patches/CVE-2021-32142.patch: check for input buffer size on
      datastream::gets in src/libraw_datastream.cpp.
    - CVE-2021-32142
  * SECURITY UPDATE: heap-buffer-overflow in raw2image_ex()
    - debian/patches/CVE-2023-1729.patch: do not set shrink flag for 3/4
      component images in src/preprocessing/raw2image.cpp.
    - CVE-2023-1729

 -- Marc Deslauriers <email address hidden>  Thu, 01 Jun 2023 13:03:58 -0400
Published in jammy-updates
Published in jammy-security
libraw (0.20.2-2ubuntu2.22.04.1) jammy-security; urgency=medium

  * SECURITY UPDATE: denial of service via buffer overflow
    - debian/patches/CVE-2021-32142.patch: check for input buffer size on
      datastream::gets in src/libraw_datastream.cpp.
    - CVE-2021-32142
  * SECURITY UPDATE: heap-buffer-overflow in raw2image_ex()
    - debian/patches/CVE-2023-1729.patch: do not set shrink flag for 3/4
      component images in src/preprocessing/raw2image.cpp.
    - CVE-2023-1729

 -- Marc Deslauriers <email address hidden>  Thu, 01 Jun 2023 13:03:58 -0400
Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic)
libraw (0.20.2-2.1ubuntu1) mantic; urgency=medium

  * Merge with Debian. Remaining changes:
    - Mark C++ template instantiation symbols optional
    - Mark symbols as optional not seen when building with lto

Published in lunar-updates
Published in lunar-security
libraw (0.20.2-2ubuntu2.23.04.1) lunar-security; urgency=medium

  * SECURITY UPDATE: denial of service via buffer overflow
    - debian/patches/CVE-2021-32142.patch: check for input buffer size on
      datastream::gets in src/libraw_datastream.cpp.
    - CVE-2021-32142
  * SECURITY UPDATE: heap-buffer-overflow in raw2image_ex()
    - debian/patches/CVE-2023-1729.patch: do not set shrink flag for 3/4
      component images in src/preprocessing/raw2image.cpp.
    - CVE-2023-1729

 -- Marc Deslauriers <email address hidden>  Thu, 01 Jun 2023 13:03:58 -0400
Published in bionic-updates
Published in bionic-security
libraw (0.18.8-1ubuntu0.4) bionic-security; urgency=medium

  * SECURITY UPDATE: missing thumbnail size range checks
    - debian/patches/CVE-2020-15503.patch: add checks to
      libraw/libraw_const.h, src/libraw_cxx.cpp.
    - CVE-2020-15503
  * SECURITY UPDATE: out-of-bounds write via X3F file
    - debian/patches/CVE-2020-35530.patch: check huffman tree size in
      internal/libraw_x3f.cpp.
    - CVE-2020-35530
  * SECURITY UPDATE: out-of-bounds read in get_huffman_diff()
    - debian/patches/CVE-2020-35531.patch: check for data offset limit in
      internal/libraw_x3f.cpp.
    - CVE-2020-35531
  * SECURITY UPDATE: out-of-bounds read via a large row_stride field
    - debian/patches/CVE-2020-35532.patch: check for data offset limit in
      internal/libraw_x3f.cpp.
    - CVE-2020-35532
  * SECURITY UPDATE: out-of-bounds read in adobe_copy_pixel()
    - debian/patches/CVE-2020-35533.patch: more room for ljpeg row in
      dcraw/dcraw.c.
    - CVE-2020-35533

 -- Marc Deslauriers <email address hidden>  Fri, 04 Nov 2022 14:02:18 -0400
Superseded in focal-updates
Superseded in focal-security
libraw (0.19.5-1ubuntu1.1) focal-security; urgency=medium

  * SECURITY UPDATE: missing thumbnail size range checks
    - debian/patches/CVE-2020-15503.patch: add checks to
      libraw/libraw_const.h, src/libraw_cxx.cpp.
    - CVE-2020-15503
  * SECURITY UPDATE: out-of-bounds write via X3F file
    - debian/patches/CVE-2020-35530.patch: check huffman tree size in
      internal/libraw_x3f.cpp.
    - CVE-2020-35530
  * SECURITY UPDATE: out-of-bounds read in get_huffman_diff()
    - debian/patches/CVE-2020-35531.patch: check for data offset limit in
      internal/libraw_x3f.cpp.
    - CVE-2020-35531
  * SECURITY UPDATE: out-of-bounds read via a large row_stride field
    - debian/patches/CVE-2020-35532.patch: check for data offset limit in
      internal/libraw_x3f.cpp.
    - CVE-2020-35532
  * SECURITY UPDATE: out-of-bounds read in adobe_copy_pixel()
    - debian/patches/CVE-2020-35533.patch: more room for ljpeg row in
      dcraw/dcraw.c.
    - CVE-2020-35533

 -- Marc Deslauriers <email address hidden>  Fri, 04 Nov 2022 13:37:22 -0400
Superseded in mantic-release
Published in lunar-release
Obsolete in kinetic-release
Published in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy)
libraw (0.20.2-2ubuntu2) jammy; urgency=high

  * No change rebuild for ppc64el baseline bump.

 -- Julian Andres Klode <email address hidden>  Thu, 24 Mar 2022 13:14:52 +0100
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy)
libraw (0.20.2-2ubuntu1) jammy; urgency=medium

  * Merge with/Rebase on Debian. Remaining changes:
    - Mark C++ template instantiation symbols optional (LP: #1917756)
    - Mark symbols as optional not seen when building with lto

Superseded in jammy-release
Obsolete in impish-release
Deleted in impish-proposed (Reason: Moved to impish)
libraw (0.20.2-1ubuntu3) impish; urgency=medium

  * No-change rebuild to build packages with zstd compression.

 -- Matthias Klose <email address hidden>  Thu, 07 Oct 2021 12:17:50 +0200

Available diffs

Superseded in impish-release
Obsolete in hirsute-release
Deleted in hirsute-proposed (Reason: Moved to hirsute)
libraw (0.20.2-1ubuntu2) hirsute; urgency=medium

  * Mark symbols as optional not seen when building with lto.

 -- Matthias Klose <email address hidden>  Mon, 22 Mar 2021 21:10:42 +0100
Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release)
libraw (0.20.2-1ubuntu1) hirsute; urgency=medium

  * debian/libraw20.symbols: mark C++ template instantiations optional
    (LP: #1917756)

 -- Olivier Tilloy <email address hidden>  Thu, 04 Mar 2021 12:21:24 +0100
Superseded in hirsute-proposed
libraw (0.20.2-1) unstable; urgency=medium

  * New upstream release

 -- Matteo F. Vescovi <email address hidden>  Mon, 19 Oct 2020 23:00:12 +0200
Superseded in hirsute-release
Obsolete in groovy-release
Published in focal-release
Deleted in focal-proposed (Reason: moved to Release)
libraw (0.19.5-1ubuntu1) focal; urgency=medium

  * debian/tests/build:
    - Use the correct compiler for proposed autopkgtest cross-testing
      support.

 -- Sebastien Bacher <email address hidden>  Tue, 24 Mar 2020 16:36:35 +0100
Superseded in focal-proposed
libraw (0.19.5-1build1) focal; urgency=medium

  * No-change rebuild for libgcc-s1 package name change.

 -- Matthias Klose <email address hidden>  Sat, 21 Mar 2020 13:28:32 +0100
Superseded in focal-release
Obsolete in eoan-release
Deleted in eoan-proposed (Reason: moved to release)
libraw (0.19.5-1) unstable; urgency=medium

  * New upstream release

 -- Matteo F. Vescovi <email address hidden>  Wed, 28 Aug 2019 23:45:51 +0200

Available diffs

Superseded in eoan-release
Deleted in eoan-proposed (Reason: moved to release)
libraw (0.19.4-1) unstable; urgency=medium

  * New upstream release
  * debian/: really bump debhelper to v12
  * debian/control: S-V bump 4.3.0 -> 4.4.0 (no changes needed)

 -- Matteo F. Vescovi <email address hidden>  Fri, 09 Aug 2019 22:29:04 +0200
Deleted in eoan-proposed (Reason: include an ABI change, will be fixed in the next version)
libraw (0.19.3-1) unstable; urgency=medium

  * New upstream release
    - debian/patches/: patchset dropped (applied upstream)

 -- Matteo F. Vescovi <email address hidden>  Thu, 11 Jul 2019 22:46:26 +0200
Published in xenial-updates
Published in xenial-security
libraw (0.17.1-1ubuntu0.5) xenial-security; urgency=medium

  * SECURITY UPDATE: infinite loop issues
    - debian/patches/CVE-2018-581x.patch: add more checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2018-5817
    - CVE-2018-5818
    - CVE-2018-5819
  * SECURITY UPDATE: NULL deref in LibRaw::raw2image
    - debian/patches/CVE-2018-20363.patch: add check in src/libraw_cxx.cpp.
    - CVE-2018-20363
  * SECURITY UPDATE: NULL deref in LibRaw::copy_bayer
    - debian/patches/CVE-2018-20364.patch: add check in src/libraw_cxx.cpp.
    - CVE-2018-20364
  * SECURITY UPDATE: heap overflow in LibRaw::raw2image()
    - debian/patches/CVE-2018-20365.patch: zero filters in dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2018-20365

 -- Marc Deslauriers <email address hidden>  Fri, 17 May 2019 14:00:06 -0400
Obsolete in cosmic-updates
Obsolete in cosmic-security
libraw (0.18.13-1ubuntu0.1) cosmic-security; urgency=medium

  * SECURITY UPDATE: infinite loop issues
    - debian/patches/CVE-2018-581x.patch: add more checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2018-5817
    - CVE-2018-5818
    - CVE-2018-5819
  * SECURITY UPDATE: stack overflow in parse_makernote
    - debian/patches/CVE-2018-20337.patch: properly calculate length in
      dcraw/dcraw.c, internal/dcraw_common.cpp.
    - CVE-2018-20337
  * SECURITY UPDATE: NULL deref in LibRaw::raw2image
    - debian/patches/CVE-2018-20363.patch: add check in src/libraw_cxx.cpp.
    - CVE-2018-20363
  * SECURITY UPDATE: NULL deref in LibRaw::copy_bayer
    - debian/patches/CVE-2018-20364.patch: add check in src/libraw_cxx.cpp.
    - CVE-2018-20364
  * SECURITY UPDATE: heap overflow in LibRaw::raw2image()
    - debian/patches/CVE-2018-20365.patch: zero filters in dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2018-20365

 -- Marc Deslauriers <email address hidden>  Fri, 17 May 2019 11:50:29 -0400
Superseded in bionic-updates
Superseded in bionic-security
libraw (0.18.8-1ubuntu0.3) bionic-security; urgency=medium

  * SECURITY UPDATE: infinite loop issues
    - debian/patches/CVE-2018-581x.patch: add more checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2018-5817
    - CVE-2018-5818
    - CVE-2018-5819
  * SECURITY UPDATE: stack overflow in parse_makernote
    - debian/patches/CVE-2018-20337.patch: properly calculate length in
      dcraw/dcraw.c, internal/dcraw_common.cpp.
    - CVE-2018-20337
  * SECURITY UPDATE: NULL deref in LibRaw::raw2image
    - debian/patches/CVE-2018-20363.patch: add check in src/libraw_cxx.cpp.
    - CVE-2018-20363
  * SECURITY UPDATE: NULL deref in LibRaw::copy_bayer
    - debian/patches/CVE-2018-20364.patch: add check in src/libraw_cxx.cpp.
    - CVE-2018-20364
  * SECURITY UPDATE: heap overflow in LibRaw::raw2image()
    - debian/patches/CVE-2018-20365.patch: zero filters in dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2018-20365

 -- Marc Deslauriers <email address hidden>  Fri, 17 May 2019 13:54:32 -0400
Superseded in eoan-release
Obsolete in disco-release
Deleted in disco-proposed (Reason: moved to release)
libraw (0.19.2-2) unstable; urgency=medium

  * debian/patches/: patchset updated
    - 0001-Fix_CVE-2018-20365_for_real.patch added
  * debian/: debhelper bump 11 -> 12

 -- Matteo F. Vescovi <email address hidden>  Thu, 10 Jan 2019 21:51:18 +0100

Available diffs

Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release)
libraw (0.19.2-1) unstable; urgency=medium

  * New upstream release
    This minor release fixes the following
    security issues:
    - CVE-2018-20337
    - CVE-2018-20363
    - CVE-2018-20364
    - CVE-2018-20365
  * debian/control: S-V bump 4.2.1 -> 4.3.0 (no changes needed)

 -- Matteo F. Vescovi <email address hidden>  Thu, 27 Dec 2018 21:25:22 +0100

Available diffs

Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release)
libraw (0.19.1-1) unstable; urgency=medium

  * New upstream release

 -- Matteo F. Vescovi <email address hidden>  Sun, 16 Dec 2018 14:34:20 +0100

Available diffs

Superseded in xenial-updates
Superseded in xenial-security
libraw (0.17.1-1ubuntu0.4) xenial-security; urgency=medium

  * SECURITY UPDATE: Multiple memory management issues
    - debian/patches/CVE-2018-5807_5810_5811_5812.patch: out-of-bounds
      reads, heap-based buffer overflow and NULL pointer dereference in
      internal/dcraw_common.cpp
    - CVE-2018-5807
    - CVE-2018-5810
    - CVE-2018-5811
    - CVE-2018-5812
  * SECURITY UPDATE: Infinite loop
    - debian/patches/CVE-2018-5813.patch: infinite loop in dcraw/dcraw.c
      and internal/dcraw_common.cpp
    - CVE-2018-5813
  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2018-5815.patch: integer overflow in
      internal/dcraw_common.cpp
    - CVE-2018-5815
  * SECURITY UPDATE: Divide by zero
    - debian/patches/CVE-2018-5816.patch: divide by zero in
      internal/dcraw_common.cpp
    - CVE-2018-5816

 -- Alex Murray <email address hidden>  Tue, 04 Dec 2018 16:09:49 +1030
Superseded in bionic-updates
Superseded in bionic-security
libraw (0.18.8-1ubuntu0.2) bionic-security; urgency=medium

  * SECURITY UPDATE: Multiple memory management issues
    - debian/patches/CVE-2018-5807_5810_5811_5812.patch: out-of-bounds
      reads, heap-based buffer overflow and NULL pointer dereference in
      internal/dcraw_common.cpp
    - CVE-2018-5807
    - CVE-2018-5810
    - CVE-2018-5811
    - CVE-2018-5812
  * SECURITY UPDATE: Infinite loop
    - debian/patches/CVE-2018-5813.patch: infinite loop in dcraw/dcraw.c
      and internal/dcraw_common.cpp
    - CVE-2018-5813
  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2018-5815.patch: integer overflow in
      internal/dcraw_common.cpp
    - CVE-2018-5815
  * SECURITY UPDATE: Divide by zero
    - debian/patches/CVE-2018-5816.patch: divide by zero in
      internal/dcraw_common.cpp
    - CVE-2018-5816

 -- Alex Murray <email address hidden>  Tue, 04 Dec 2018 15:38:46 +1030
Published in trusty-updates
Published in trusty-security
libraw (0.15.4-1ubuntu0.3) trusty-security; urgency=medium

  * SECURITY UPDATE: Multiple memory management issues
    - debian/patches/CVE-2018-5807_5810.patch: out-of-bounds read and NULL
      pointer dereference in dcraw/dcraw.c and internal/dcraw_common.cpp
    - CVE-2018-5807
    - CVE-2018-5810
  * SECURITY UPDATE: Infinite loop
    - debian/patches/CVE-2018-5813.patch: infinite loop in dcraw/dcraw.c
      and internal/dcraw_common.cpp
    - CVE-2018-5813

 -- Alex Murray <email address hidden>  Wed, 05 Dec 2018 13:54:32 +1030
Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release)
libraw (0.19.0-4) unstable; urgency=medium

  [ Jeremy Bicha ]
  * debian/libraw19.symbols: Mark 2 symbols as optional
    which disappear when built with -O3 on Ubuntu's ppc64el

 -- Matteo F. Vescovi <email address hidden>  Fri, 09 Nov 2018 22:53:58 +0100
Superseded in disco-proposed
libraw (0.19.0-3ubuntu1) disco; urgency=medium

  * debian/libraw19.symbols: Mark 2 symbols as optional
    which disappear when built with -O3 on Ubuntu's ppc64el

 -- Jeremy Bicha <email address hidden>  Fri, 09 Nov 2018 15:45:15 -0500
Superseded in disco-proposed
libraw (0.19.0-3) unstable; urgency=medium

  * Upload to unstable
  * debian/control: S-V bump 4.1.5 -> 4.2.1 (no changes needed)

 -- Matteo F. Vescovi <email address hidden>  Mon, 27 Aug 2018 23:10:52 +0200
Superseded in disco-release
Obsolete in cosmic-release
Deleted in cosmic-proposed (Reason: moved to release)
libraw (0.18.13-1) unstable; urgency=medium

  * New upstream release
  * debian/control: S-V bump 4.1.4 -> 4.1.5 (no changes needed)

 -- Matteo F. Vescovi <email address hidden>  Fri, 13 Jul 2018 00:05:29 +0200

Available diffs

Superseded in cosmic-release
Deleted in cosmic-proposed (Reason: moved to release)
libraw (0.18.11-1) unstable; urgency=high

  * New upstream release (Closes: #897185, #897186)
    - Fix CVE-2018-10528 and CVE-2018-10529
  * debian/control: S-V bump 4.1.3 -> 4.1.4 (no changes needed)

 -- Matteo F. Vescovi <email address hidden>  Tue, 29 May 2018 23:40:01 +0200
Superseded in cosmic-release
Deleted in cosmic-proposed (Reason: moved to release)
libraw (0.18.8-2ubuntu1) cosmic; urgency=medium

  * SECURITY UPDATE: Stack-based buffer overflow
    - debian/patches/CVE-2018-10528.patch: parser possible
      buffer overrun in  src/libraw_cxx.cpp.
    - CVE-2018-10528
  * SECURITY UPDATE: Out-of-bounds read
    - debian/patches/CVE-2018-10529.patch: X3F property table list fix
      in src/libraw_cxx.cpp, internal/libraw_x3f.cpp.
    - CVE-2018-10529

 -- <email address hidden> (Leonidas S. Barbosa)  Wed, 16 May 2018 13:07:00 -0300
Superseded in xenial-updates
Superseded in xenial-security
libraw (0.17.1-1ubuntu0.3) xenial-security; urgency=medium

  * SECURITY UPDATE: Stack-based buffer overflow
    - debian/patches/CVE-2018-10528.patch: parser possible
      buffer overrun in  src/libraw_cxx.cpp.
    - CVE-2018-10528
  * SECURITY UPDATE: Out-of-bounds read
    - debian/patches/CVE-2018-10529.patch: X3F property table list fix
      in src/libraw_cxx.cpp, internal/libraw_x3f.cpp.
    - CVE-2018-10529

 -- <email address hidden> (Leonidas S. Barbosa)  Mon, 07 May 2018 11:35:20 -0300
Obsolete in artful-updates
Obsolete in artful-security
libraw (0.18.2-2ubuntu0.3) artful-security; urgency=medium

  * SECURITY UPDATE: Stack-based buffer overflow
    - debian/patches/CVE-2018-10528.patch: parser possible
      buffer overrun in  src/libraw_cxx.cpp.
    - CVE-2018-10528
  * SECURITY UPDATE: Out-of-bounds read
    - debian/patches/CVE-2018-10529.patch: X3F property table list fix
      in src/libraw_cxx.cpp, internal/libraw_x3f.cpp.
    - CVE-2018-10529

 -- <email address hidden> (Leonidas S. Barbosa)  Mon, 07 May 2018 11:25:51 -0300
Superseded in bionic-updates
Superseded in bionic-security
libraw (0.18.8-1ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Stack-based buffer overflow
    - debian/patches/CVE-2018-10528.patch: parser possible
      buffer overrun in  src/libraw_cxx.cpp.
    - CVE-2018-10528
  * SECURITY UPDATE: Out-of-bounds read
    - debian/patches/CVE-2018-10529.patch: X3F property table list fix
      in src/libraw_cxx.cpp, internal/libraw_x3f.cpp.
    - CVE-2018-10529

 -- <email address hidden> (Leonidas S. Barbosa)  Mon, 07 May 2018 11:31:13 -0300
Superseded in artful-updates
Superseded in artful-security
libraw (0.18.2-2ubuntu0.2) artful-security; urgency=medium

  * SECURITY UPDATE: buffer overflow in panasonic_load_raw
    - debian/patches/CVE-2017-16909.patch: add more bounds checking to
      dcraw/dcraw.c, internal/dcraw_common.cpp, libraw/libraw_const.h.
    - CVE-2017-16909
  * SECURITY UPDATE: invalid read in xtrans_interpolate
    - debian/patches/CVE-2017-16910.patch: add checks and proper
      initialization to dcraw/dcraw.c, internal/dcraw_common.cpp.
    - CVE-2017-16910
  * SECURITY UPDATE: multiple security issues
    - debian/patches/CVE-2018-580x.patch: add checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp, src/libraw_cxx.cpp.
    - CVE-2018-5800
    - CVE-2018-5801
    - CVE-2018-5802
  * SECURITY UPDATE: image size and alloc issues
    - debian/patches/security_0.18.8_1.patch: add more checks to
      dcraw/dcraw.c, internal/dcraw_common.cpp, libraw/libraw_const.h,
      src/libraw_cxx.cpp.
    - No CVE number
  * SECURITY UPDATE: Secunia #81000 security issues
    - debian/patches/security_0.18.8_2.patch: add more checks to
      dcraw/dcraw.c, internal/dcraw_common.cpp.
    - No CVE number

 -- Marc Deslauriers <email address hidden>  Fri, 30 Mar 2018 08:23:34 -0400
Superseded in xenial-updates
Superseded in xenial-security
libraw (0.17.1-1ubuntu0.2) xenial-security; urgency=medium

  * SECURITY UPDATE: buffer overflow in panasonic_load_raw
    - debian/patches/CVE-2017-16909.patch: add more bounds checking to
      dcraw/dcraw.c, internal/dcraw_common.cpp, libraw/libraw_const.h.
    - CVE-2017-16909
  * SECURITY UPDATE: invalid read in xtrans_interpolate
    - debian/patches/CVE-2017-16910.patch: add checks and proper
      initialization to dcraw/dcraw.c, internal/dcraw_common.cpp.
    - CVE-2017-16910
  * SECURITY UPDATE: multiple security issues
    - debian/patches/CVE-2018-580x.patch: add checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp, src/libraw_cxx.cpp.
    - CVE-2018-5800
    - CVE-2018-5801
    - CVE-2018-5802
  * SECURITY UPDATE: image size and alloc issues
    - debian/patches/security_0.18.8_1.patch: add more checks to
      dcraw/dcraw.c, internal/dcraw_common.cpp, libraw/libraw_const.h,
      src/libraw_cxx.cpp.
    - No CVE number
  * SECURITY UPDATE: Secunia #81000 security issues
    - debian/patches/security_0.18.8_2.patch: add more checks to
      dcraw/dcraw.c, internal/dcraw_common.cpp.
    - No CVE number

 -- Marc Deslauriers <email address hidden>  Fri, 30 Mar 2018 09:24:02 -0400
Superseded in trusty-updates
Superseded in trusty-security
libraw (0.15.4-1ubuntu0.2) trusty-security; urgency=medium

  * SECURITY UPDATE: buffer overflow in panasonic_load_raw
    - debian/patches/CVE-2017-16909.patch: add more bounds checking to
      dcraw/dcraw.c, internal/dcraw_common.cpp, libraw/libraw_const.h.
    - CVE-2017-16909
  * SECURITY UPDATE: invalid read in xtrans_interpolate
    - debian/patches/CVE-2017-16910.patch: add checks and proper
      initialization to dcraw/dcraw.c.
    - CVE-2017-16910
  * SECURITY UPDATE: multiple security issues
    - debian/patches/CVE-2018-580x.patch: add checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp, src/libraw_cxx.cpp.
    - CVE-2018-5800
    - CVE-2018-5801
    - CVE-2018-5802
  * SECURITY UPDATE: image size and alloc issues
    - debian/patches/security_0.18.8_1.patch: add more checks to
      dcraw/dcraw.c, internal/dcraw_common.cpp, libraw/libraw_const.h,
      src/libraw_cxx.cpp.
    - No CVE number
  * SECURITY UPDATE: Secunia #81000 security issues
    - debian/patches/security_0.18.8_2.patch: add more checks to
      dcraw/dcraw.c, internal/dcraw_common.cpp.
    - No CVE number

 -- Marc Deslauriers <email address hidden>  Fri, 30 Mar 2018 10:11:50 -0400
Superseded in cosmic-release
Deleted in cosmic-proposed (Reason: moved to release)
libraw (0.18.8-2) unstable; urgency=medium

  [ Mattia Rizzolo ]
  * d/control: Update the Vcs-* fields for the move to salsa.debian.org.
  * Use HTTPS in the Homepage field.
  * d/rules: make use of dpkg-buildflags facilities to set LDFLAGS
    built files are bit-by-bit reproducible.
  * d/rules: drop option already passed by dh_auto_configure --prefix=/usr
  * d/rules: drop manual invocation of dh_makeshlibs.
  * Simplify symbols file, collating the architectures filters
    into arch-bits=64/32.

  [ Matteo F. Vescovi ]
  * debian/libraw16.symbols: MISSING entries dropped

 -- Matteo F. Vescovi <email address hidden>  Tue, 06 Mar 2018 22:33:44 +0100

Available diffs

Superseded in cosmic-release
Published in bionic-release
Deleted in bionic-proposed (Reason: moved to release)
libraw (0.18.8-1) unstable; urgency=medium

  * New upstream release
    - debian/libraw16.symbols: symbols updated

 -- Matteo F. Vescovi <email address hidden>  Sun, 04 Mar 2018 15:29:17 +0100

Available diffs

Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release)
libraw (0.18.7-2) unstable; urgency=medium

  [ Jason Duerstock ]
  * debian/libraw16.symbols: symbols refreshed to add ia64 architecture
    (Closes: #888061)

 -- Matteo F. Vescovi <email address hidden>  Wed, 24 Jan 2018 14:44:01 +0100
Superseded in bionic-proposed
libraw (0.18.7-1) unstable; urgency=medium

  * New upstream release
  * debian/copyright: copyright-format moved to https://

 -- Matteo F. Vescovi <email address hidden>  Mon, 22 Jan 2018 23:02:49 +0100

Available diffs

Superseded in bionic-proposed
libraw (0.18.6-1) unstable; urgency=medium

  * New upstream release
  * debian/compat: 10 -> 11
  * debian/control: debhelper versioning 10 -> 11
  * debian/control: S-V bump 4.1.1 -> 4.1.3 (no changes needed)
  * debian/libraw16.symbols: update MISSING symbols
  * debian/libraw-doc.doc-base: fix installation path

 -- Matteo F. Vescovi <email address hidden>  Sun, 07 Jan 2018 14:04:54 +0100

Available diffs

Superseded in xenial-updates
Superseded in xenial-security
libraw (0.17.1-1ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: memory corruption in parse_tiff_ifd
    - debian/patches/CVE-2017-688x.patch: add checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2017-6886
    - CVE-2017-6887
  * SECURITY UPDATE: floating point exception in kodak_radc_load_raw
    - debian/patches/CVE-2017-13735.patch: add checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2017-13735
  * SECURITY UPDATE: buffer overflow in xtrans_interpolate
    - debian/patches/CVE-2017-14265.patch: add checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2017-14265
  * SECURITY UPDATE: buffer overflow in processCanonCameraInfo
    - debian/patches/CVE-2017-14348.patch: add checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2017-14348
  * SECURITY UPDATE: out of bounds read in kodak_65000_load_raw
    - debian/patches/CVE-2017-14608.patch: add checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2017-14608

 -- Marc Deslauriers <email address hidden>  Thu, 16 Nov 2017 14:02:11 -0500
Superseded in trusty-updates
Superseded in trusty-security
libraw (0.15.4-1ubuntu0.1) trusty-security; urgency=medium

  * SECURITY UPDATE: integer overflow in ljpeg_start
    - debian/patches/CVE-2015-3885.patch: use ushort in dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2015-3885
  * SECURITY UPDATE: index overflow and lack of initialization
    - debian/patches/CVE-2015-836x.patch: add checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp, add proper initialization to
      src/libraw_cxx.cpp.
    - CVE-2015-8366
    - CVE-2015-8367
  * SECURITY UPDATE: memory corruption in parse_tiff_ifd
    - debian/patches/CVE-2017-688x.patch: add checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2017-6886
    - CVE-2017-6887
  * SECURITY UPDATE: floating point exception in kodak_radc_load_raw
    - debian/patches/CVE-2017-13735.patch: add checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2017-13735
  * SECURITY UPDATE: buffer overflow in xtrans_interpolate
    - debian/patches/CVE-2017-14265.patch: add checks to dcraw/dcraw.c.
    - CVE-2017-14265
  * SECURITY UPDATE: out of bounds read in kodak_65000_load_raw
    - debian/patches/CVE-2017-14608.patch: add checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2017-14608

 -- Marc Deslauriers <email address hidden>  Thu, 16 Nov 2017 14:15:58 -0500
Obsolete in zesty-updates
Obsolete in zesty-security
libraw (0.18.1-1ubuntu0.1) zesty-security; urgency=medium

  * SECURITY UPDATE: memory corruption in parse_tiff_ifd
    - debian/patches/CVE-2017-688x.patch: add checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2017-6886
    - CVE-2017-6887
  * SECURITY UPDATE: floating point exception in kodak_radc_load_raw
    - debian/patches/CVE-2017-13735.patch: add checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2017-13735
  * SECURITY UPDATE: buffer overflow in xtrans_interpolate
    - debian/patches/CVE-2017-14265.patch: add checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2017-14265
  * SECURITY UPDATE: buffer overflow in processCanonCameraInfo
    - debian/patches/CVE-2017-14348.patch: add checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2017-14348
  * SECURITY UPDATE: out of bounds read in kodak_65000_load_raw
    - debian/patches/CVE-2017-14608.patch: add checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2017-14608

 -- Marc Deslauriers <email address hidden>  Thu, 16 Nov 2017 13:53:54 -0500
Superseded in artful-updates
Superseded in artful-security
libraw (0.18.2-2ubuntu0.1) artful-security; urgency=medium

  * SECURITY UPDATE: floating point exception in kodak_radc_load_raw
    - debian/patches/CVE-2017-13735.patch: add checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2017-13735
  * SECURITY UPDATE: buffer overflow in xtrans_interpolate
    - debian/patches/CVE-2017-14265.patch: add checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2017-14265
  * SECURITY UPDATE: buffer overflow in processCanonCameraInfo
    - debian/patches/CVE-2017-14348.patch: add checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2017-14348
  * SECURITY UPDATE: out of bounds read in kodak_65000_load_raw
    - debian/patches/CVE-2017-14608.patch: add checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2017-14608

 -- Marc Deslauriers <email address hidden>  Thu, 16 Nov 2017 13:43:56 -0500
Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release)
libraw (0.18.5-1) unstable; urgency=medium

  * New upstream release (Closes: #874729)
  * debian/: autotools-dev usage dropped
  * debian/control: S-V bump 4.0.0 -> 4.1.1 (no changes needed)

 -- Matteo F. Vescovi <email address hidden>  Fri, 06 Oct 2017 21:51:38 +0200

Available diffs

Superseded in bionic-release
Obsolete in artful-release
Deleted in artful-proposed (Reason: moved to release)
libraw (0.18.2-2) unstable; urgency=medium

  * Upload to unstable
  * debian/control: S-V bump 3.9.8 => 4.0.0 (no changes needed)

 -- Matteo F. Vescovi <email address hidden>  Thu, 22 Jun 2017 17:32:33 +0200

Available diffs

Superseded in artful-release
Deleted in artful-proposed (Reason: moved to release)
libraw (0.18.2-1) experimental; urgency=medium

  * New upstream release
    - debian/libraw16.symbols: MISSING symbols updated

 -- Matteo F. Vescovi <email address hidden>  Sat, 25 Mar 2017 13:45:42 +0100

Available diffs

Superseded in artful-release
Obsolete in zesty-release
Deleted in zesty-proposed (Reason: moved to release)
libraw (0.18.1-1) experimental; urgency=medium

  * New upstream release

 -- Matteo F. Vescovi <email address hidden>  Fri, 03 Mar 2017 14:57:36 +0100

Available diffs

Superseded in zesty-release
Deleted in zesty-proposed (Reason: moved to release)
libraw (0.18.0-1) experimental; urgency=medium

  * New upstream release
    - debian/: SONAME bump libraw15 => libraw16
    - debian/libraw16.symbols: symbols updated
    - debian/copyright: licenses updated
    - debian/patches/: patchset dropped (applied upstream)
  * debian/: bump compatibility 9 -> 10

 -- Matteo F. Vescovi <email address hidden>  Mon, 02 Jan 2017 13:52:44 +0100

Available diffs

Superseded in zesty-release
Obsolete in yakkety-release
Deleted in yakkety-proposed (Reason: moved to release)
libraw (0.17.2-6) unstable; urgency=medium

  * debian/patches/: patchset updated (again)
    - 0001-Fix_gcc6_narrowing_error.patch replaced with
      0001-Fix_gcc6_narrowing_conversion.patch since it
      was causing FTBFS on most little-endian architectures
      Thanks to Alex Tutubalin (upstream) for the quick fix.

 -- Matteo F. Vescovi <email address hidden>  Thu, 25 Aug 2016 22:29:57 +0200
Superseded in yakkety-proposed
libraw (0.17.2-5) unstable; urgency=medium

  * debian/patches/: patchset updated
    - 0001-Fix_dcraw_narrowing_for_gcc6.patch dropped
      (wrong approach to fix the issue)
    - 0001-Fix_gcc6_narrowing_error.patch added (Closes: #835350)

 -- Matteo F. Vescovi <email address hidden>  Wed, 24 Aug 2016 22:26:35 +0200

Available diffs

Superseded in yakkety-release
Deleted in yakkety-proposed (Reason: moved to release)
libraw (0.17.2-4) unstable; urgency=medium

  * debian/patches/: patchset updated (Closes: #811744)
    - 0001-Fix_dcraw_narrowing_for_gcc6.patch refreshed
      Thanks to Alex Tutubalin (upstream dev) for the advice.

 -- Matteo F. Vescovi <email address hidden>  Wed, 27 Jul 2016 23:33:34 +0200

Available diffs

Superseded in yakkety-release
Deleted in yakkety-proposed (Reason: moved to release)
libraw (0.17.2-3) unstable; urgency=medium

  * debian/patches/: patchset initiated (Closes: #811744)
    - 0001-Fix_dcraw_narrowing_for_gcc6.patch added

 -- Matteo F. Vescovi <email address hidden>  Thu, 30 Jun 2016 22:12:11 +0200

Available diffs

Superseded in yakkety-release
Deleted in yakkety-proposed (Reason: moved to release)
libraw (0.17.2-2) unstable; urgency=medium

  * debian/control: libjasper-dev b-dep dropped (Closes: #818204)

 -- Matteo F. Vescovi <email address hidden>  Sun, 26 Jun 2016 14:22:59 +0200

Available diffs

Superseded in yakkety-release
Deleted in yakkety-proposed (Reason: moved to release)
libraw (0.17.2-1) unstable; urgency=medium

  * New upstream release
  * debian/control: Maintainer field updated.
    Sadly, the Shotwell Team has dissolved.
    Now the LibRaw is under PhotoTools Maintainers umbrella.
  * debian/control: S-V bump 3.9.6 -> 3.9.8 (no changes needed)
  * debian/control: Vcs-* fields updated for https:// usage
  * debian/libraw15.symbols: symbols updated

 -- Matteo F. Vescovi <email address hidden>  Wed, 25 May 2016 22:02:07 +0200

Available diffs

Superseded in yakkety-release
Published in xenial-release
Deleted in xenial-proposed (Reason: moved to release)
libraw (0.17.1-1) unstable; urgency=high

  * New upstream release (Closes: #806809)
    - Fix CVE-2015-8366 and CVE-2015-8367

 -- Matteo F. Vescovi <email address hidden>  Thu, 03 Dec 2015 21:19:12 +0100

Available diffs

Superseded in xenial-release
Deleted in xenial-proposed (Reason: moved to release)
libraw (0.17.0-1) unstable; urgency=medium

  * New upstream release
    - debian/: SONAME bump libraw10 => libraw15
    - debian/rules: bump dh_makeshlibs to libraw15
    - debian/libraw15.symbols: symbols refreshed
  * debian/copyright: file updated

 -- Matteo F. Vescovi <email address hidden>  Fri, 16 Oct 2015 10:03:52 +0200

Available diffs

175 of 108 results