User: Password:
Subscribe / Log in / New account

Fedora alert FEDORA-2013-22854 (dcraw)

Subject:  [SECURITY] Fedora 20 Update: dcraw-9.19-4.fc20
Date:  Tue, 17 Dec 2013 19:15:50 +0000
Message-ID:  <>

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-22854 2013-12-06 19:43:59 -------------------------------------------------------------------------------- Name : dcraw Product : Fedora 20 Version : 9.19 Release : 4.fc20 URL : Summary : Tool for decoding raw image data from digital cameras Description : This package contains dcraw, a command line tool to decode raw image data downloaded from digital cameras. -------------------------------------------------------------------------------- Update Information: This update hardens dcraw against corrupt input files which might trigger a division by zero, an infinite loop, or a null pointer dereference otherwise. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 6 2013 Nils Philippsen <> - 9.19-4 - harden against corrupt input files (CVE-2013-1438) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1002714 - CVE-2013-1438 CVE-2013-1439 LibRaw: multiple denial of service flaws -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update dcraw' at the command line. For more information, refer to "Managing Software with yum", available at All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list

(Log in to post comments)

Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds