drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in UFRaw
Name: |
Denial of Service in UFRaw |
|
ID: |
FEDORA-2013-22924 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 19 |
|
Datum: |
Di, 17. Dezember 2013, 07:45 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1438
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1439 |
|
Applikationen: |
UFRaw |
|
Originalnachricht |
Name : ufraw Product : Fedora 19 Version : 0.19.2 Release : 10.fc19 URL : http://ufraw.sourceforge.net Summary : Raw image data retrieval tool for digital cameras Description : UFRaw is a tool for opening raw format images of digital cameras.
------------------------------------------------------------------------------- - Update Information:
This update hardens ufraw against corrupt input files which might trigger a division by zero, an infinite loop, or a null pointer dereference otherwise. ------------------------------------------------------------------------------- - ChangeLog:
* Fri Dec 6 2013 Nils Philippsen <nils@redhat.com> - 0.19.2-10 - harden against corrupt input files (CVE-2013-1438) * Tue Dec 3 2013 Rex Dieter <rdieter@fedoraproject.org> 0.19.2-9 - rebuild (exiv2) * Sat Oct 5 2013 Nils Philippsen <nils@redhat.com> - 0.19.2-8 - actually require lcms2-devel for building - update lcms2 patch so that it builds with lcms2 < 2.5 * Wed Oct 2 2013 Nils Philippsen <nils@redhat.com> - 0.19.2-7 - build against lcms2 - drop obsolete configure options (exiv2, lensfun, libexif) * Thu Sep 19 2013 Nils Philippsen <nils@redhat.com> - 0.19.2-6 - fix disabling cinepaint subpackage from F-20 on (#986689) * Fri Sep 13 2013 Nils Philippsen <nils@redhat.com> - 0.19.2-6 - drop ancient obsoletes (#1002124) * Fri Sep 13 2013 Nils Philippsen <nils@redhat.com> - 0.19.2-5 - gimp plug-in: - decode EXIF into XMP - register TIFF and XML file loader magic values to fix loading raw files in and sending images to upcoming GIMP versions * Wed Jul 31 2013 Nils Philippsen <nils@redhat.com> - 0.19.2-4 - don't own plug-in directories (#989890) - install symlinked ufraw-batch man page * Mon Jul 29 2013 Nils Philippsen <nils@redhat.com> - 0.19.2-3 - disable cinepaint subpackage from F-20 on (#986689) - rebuild for newer cfitsio * Sat May 11 2013 Rex Dieter <rdieter@fedoraproject.org> 0.19.2-2.1 - rebuild for newer lensfun (#947988) ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1002714 - CVE-2013-1438 CVE-2013-1439 LibRaw: multiple denial of service flaws https://bugzilla.redhat.com/show_bug.cgi?id=1002714 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update ufraw' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|