-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 24 Sep 2017 16:03:02 +0200 Source: libraw Binary: libraw5 libraw-bin libraw-dev libraw-doc Architecture: source amd64 all Version: 0.14.6-2+deb7u3 Distribution: wheezy-security Urgency: medium Maintainer: Debian Shotwell Maintainers <pkg-shotwell-maint@lists.alioth.debian.org> Changed-By: Thorsten Alteholz <debian@alteholz.de> Description: libraw-bin - raw image decoder library (tools) libraw-dev - raw image decoder library (development files) libraw-doc - raw image decoder library (documentation) libraw5 - raw image decoder library Changes: libraw (0.14.6-2+deb7u3) wheezy-security; urgency=medium . * Non-maintainer upload by the Wheezy LTS Team. * CVE-2017-14608 An out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash. Checksums-Sha1: 9f52b553e14bc9bd4d512b229c89fceecc963b25 2156 libraw_0.14.6-2+deb7u3.dsc 0a55901d17165cc7e902af9c376df9bab4c40833 1359665 libraw_0.14.6.orig.tar.gz d85abb750d80a56c75143d6f570538c4d2eb175b 9605 libraw_0.14.6-2+deb7u3.debian.tar.gz d8ae643e6cabaa005a2aa26b24a6000bbf4fa24b 343110 libraw5_0.14.6-2+deb7u3_amd64.deb 5561c5b30c39e32934d28eaaf06a1522fc48d8ee 50694 libraw-bin_0.14.6-2+deb7u3_amd64.deb 0119b94885cf57574566947457999240355d649d 363434 libraw-dev_0.14.6-2+deb7u3_amd64.deb a4e3dd7bae61837ddd23909731cb04d09bf165e4 114242 libraw-doc_0.14.6-2+deb7u3_all.deb Checksums-Sha256: 5deb4503f6e21940eefc0222affe856f213fdd0aba70df0a7a867299a32a6a6d 2156 libraw_0.14.6-2+deb7u3.dsc dad1ebe182584630d4b0fa8801bfefb83ebccf83d89be2f0e1ca3abcfa0ea80d 1359665 libraw_0.14.6.orig.tar.gz a84f3ef9f66294f568a55e660f5cd039fb120372568cd305be84dc0af84cf937 9605 libraw_0.14.6-2+deb7u3.debian.tar.gz 1e55c66e15c726392796bae60379223db2e81925ae3b5ba22226c4437da4cf0b 343110 libraw5_0.14.6-2+deb7u3_amd64.deb a431b8d854313fc1753032fa472579be0e660ff1fb5c894c057e29a04af28d8f 50694 libraw-bin_0.14.6-2+deb7u3_amd64.deb 110c4d8b89e3aeb8fd13715ba7dff794da6bbf31e684fda81b6008280fe6309a 363434 libraw-dev_0.14.6-2+deb7u3_amd64.deb 78a6cd7ef08be2eb995bff0e9af10fdaad88ae6263557eebd8c9f764323e63db 114242 libraw-doc_0.14.6-2+deb7u3_all.deb Files: b1d2a08368473531aeeb0392cc0d8957 2156 libs optional libraw_0.14.6-2+deb7u3.dsc c2921db0ed650dc0f16c6d87f804e742 1359665 libs optional libraw_0.14.6.orig.tar.gz 8f932102757c2573439b53bd8e4d2f97 9605 libs optional libraw_0.14.6-2+deb7u3.debian.tar.gz a0620f1956dd2ec0141b737519194163 343110 libs optional libraw5_0.14.6-2+deb7u3_amd64.deb 6a9bb626dbbdc61dbbcd99154c2cbc7d 50694 graphics optional libraw-bin_0.14.6-2+deb7u3_amd64.deb 54f1fdcb7a2fe5e6e4f6d1ba06be6407 363434 libdevel optional libraw-dev_0.14.6-2+deb7u3_amd64.deb 1e95a61c22e08730a1ece8c7a3d4cd81 114242 doc optional libraw-doc_0.14.6-2+deb7u3_all.deb -----BEGIN PGP SIGNATURE----- iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAlnH0C9fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh bHRlaG9sei5kZQAKCRCW/KwNOHtYR0VbEACavwDjH9TvgglJ96mQDuAo54Mb4sXU J/98GNDBu0BYA4mNm31XKDqfNShcgfQ+mEdizoAh/u5c+jHemjNDtCDclHAzvNbK C1Ln9pymRbxFzGbNkGEPfXOpmzPlmWqqkptHdC/ie01wHxkCKDqb/LKx64i3KUHq OxW+IV0ugUqjJosOicl0KhDxhqj1CrFuPpj46EZjVe3cPlRLJkNUvq3wvfXlUJF5 4fOYhEeiwne2EjLtuKLXXwddAGIyfc0IkiGm3pPG7u7VBez3/8DIs6xL6G7KJ34N Ez8eXV/maJOEBd7gnN/EoTMPBC/7xfX0lTDeTyVcbRtRQK4Nrwdlbfw3vRcoD8ev bQ+WRiQjv67Mxwr24imOnQ6Y07J2dP2Y6FrOtSN2n9PH9BEqPUvYLp0jmKkGcpIM +hBJLJluB+o7iCkLrAb65TN0zVZK1p0HIwbM2LKx2L6ZUt8jXKKtj8KYbj2WW1NA d7EcUVkkClH4RHnS/6c+09rjER4wspSLOOxZ00adnmEh2fjkcFmyLxWJloDlLxlK zgRA48PKGTb4NLunpsAzpa91ClotWsTu8IpQDrEBKVa7+QM9Zv9XBL55dsuzu4Ff t6+v9bfNKI/wB4VSq1I49/Mlb0Sxy1mjwelgKk2kDmK/NmJtVzP02BGDzbML9UWQ 2raYVWsATMry4A== =5go1 -----END PGP SIGNATURE-----
