Ubuntu
libraw package

Change logs for libraw source package in Bionic

Bionic (18.04)
Change log

libraw (0.18.8-1ubuntu0.4) bionic-security; urgency=medium

  * SECURITY UPDATE: missing thumbnail size range checks
    - debian/patches/CVE-2020-15503.patch: add checks to
      libraw/libraw_const.h, src/libraw_cxx.cpp.
    - CVE-2020-15503
  * SECURITY UPDATE: out-of-bounds write via X3F file
    - debian/patches/CVE-2020-35530.patch: check huffman tree size in
      internal/libraw_x3f.cpp.
    - CVE-2020-35530
  * SECURITY UPDATE: out-of-bounds read in get_huffman_diff()
    - debian/patches/CVE-2020-35531.patch: check for data offset limit in
      internal/libraw_x3f.cpp.
    - CVE-2020-35531
  * SECURITY UPDATE: out-of-bounds read via a large row_stride field
    - debian/patches/CVE-2020-35532.patch: check for data offset limit in
      internal/libraw_x3f.cpp.
    - CVE-2020-35532
  * SECURITY UPDATE: out-of-bounds read in adobe_copy_pixel()
    - debian/patches/CVE-2020-35533.patch: more room for ljpeg row in
      dcraw/dcraw.c.
    - CVE-2020-35533

 -- Marc Deslauriers <email address hidden>  Fri, 04 Nov 2022 14:02:18 -0400

libraw (0.18.8-1ubuntu0.3) bionic-security; urgency=medium

  * SECURITY UPDATE: infinite loop issues
    - debian/patches/CVE-2018-581x.patch: add more checks to dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2018-5817
    - CVE-2018-5818
    - CVE-2018-5819
  * SECURITY UPDATE: stack overflow in parse_makernote
    - debian/patches/CVE-2018-20337.patch: properly calculate length in
      dcraw/dcraw.c, internal/dcraw_common.cpp.
    - CVE-2018-20337
  * SECURITY UPDATE: NULL deref in LibRaw::raw2image
    - debian/patches/CVE-2018-20363.patch: add check in src/libraw_cxx.cpp.
    - CVE-2018-20363
  * SECURITY UPDATE: NULL deref in LibRaw::copy_bayer
    - debian/patches/CVE-2018-20364.patch: add check in src/libraw_cxx.cpp.
    - CVE-2018-20364
  * SECURITY UPDATE: heap overflow in LibRaw::raw2image()
    - debian/patches/CVE-2018-20365.patch: zero filters in dcraw/dcraw.c,
      internal/dcraw_common.cpp.
    - CVE-2018-20365

 -- Marc Deslauriers <email address hidden>  Fri, 17 May 2019 13:54:32 -0400

libraw (0.18.8-1ubuntu0.2) bionic-security; urgency=medium

  * SECURITY UPDATE: Multiple memory management issues
    - debian/patches/CVE-2018-5807_5810_5811_5812.patch: out-of-bounds
      reads, heap-based buffer overflow and NULL pointer dereference in
      internal/dcraw_common.cpp
    - CVE-2018-5807
    - CVE-2018-5810
    - CVE-2018-5811
    - CVE-2018-5812
  * SECURITY UPDATE: Infinite loop
    - debian/patches/CVE-2018-5813.patch: infinite loop in dcraw/dcraw.c
      and internal/dcraw_common.cpp
    - CVE-2018-5813
  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2018-5815.patch: integer overflow in
      internal/dcraw_common.cpp
    - CVE-2018-5815
  * SECURITY UPDATE: Divide by zero
    - debian/patches/CVE-2018-5816.patch: divide by zero in
      internal/dcraw_common.cpp
    - CVE-2018-5816

 -- Alex Murray <email address hidden>  Tue, 04 Dec 2018 15:38:46 +1030

libraw (0.18.8-1ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Stack-based buffer overflow
    - debian/patches/CVE-2018-10528.patch: parser possible
      buffer overrun in  src/libraw_cxx.cpp.
    - CVE-2018-10528
  * SECURITY UPDATE: Out-of-bounds read
    - debian/patches/CVE-2018-10529.patch: X3F property table list fix
      in src/libraw_cxx.cpp, internal/libraw_x3f.cpp.
    - CVE-2018-10529

 -- <email address hidden> (Leonidas S. Barbosa)  Mon, 07 May 2018 11:31:13 -0300

libraw (0.18.8-1) unstable; urgency=medium

  * New upstream release
    - debian/libraw16.symbols: symbols updated

 -- Matteo F. Vescovi <email address hidden>  Sun, 04 Mar 2018 15:29:17 +0100

libraw (0.18.7-2) unstable; urgency=medium

  [ Jason Duerstock ]
  * debian/libraw16.symbols: symbols refreshed to add ia64 architecture
    (Closes: #888061)

 -- Matteo F. Vescovi <email address hidden>  Wed, 24 Jan 2018 14:44:01 +0100

libraw (0.18.7-1) unstable; urgency=medium

  * New upstream release
  * debian/copyright: copyright-format moved to https://

 -- Matteo F. Vescovi <email address hidden>  Mon, 22 Jan 2018 23:02:49 +0100

libraw (0.18.6-1) unstable; urgency=medium

  * New upstream release
  * debian/compat: 10 -> 11
  * debian/control: debhelper versioning 10 -> 11
  * debian/control: S-V bump 4.1.1 -> 4.1.3 (no changes needed)
  * debian/libraw16.symbols: update MISSING symbols
  * debian/libraw-doc.doc-base: fix installation path

 -- Matteo F. Vescovi <email address hidden>  Sun, 07 Jan 2018 14:04:54 +0100

libraw (0.18.5-1) unstable; urgency=medium

  * New upstream release (Closes: #874729)
  * debian/: autotools-dev usage dropped
  * debian/control: S-V bump 4.0.0 -> 4.1.1 (no changes needed)

 -- Matteo F. Vescovi <email address hidden>  Fri, 06 Oct 2017 21:51:38 +0200

libraw (0.18.2-2) unstable; urgency=medium

  * Upload to unstable
  * debian/control: S-V bump 3.9.8 => 4.0.0 (no changes needed)

 -- Matteo F. Vescovi <email address hidden>  Thu, 22 Jun 2017 17:32:33 +0200

Ubuntulibraw package

Change logs for libraw source package in Bionic

Ubuntu
libraw package