On Mon, 21 Mar 2016 12:06:38 +0100, Moritz Muehlenhoff <[email protected]> said:
> CVE-2015-8366 in dcraw also affects ufraw. The dcraw upstream fix is > https://github.com/LibRaw/LibRaw/commit/89d065424f09b788f443734d44857289489ca9e2 It looks like ufraw (and probably all other dcraw-derived packages) is also affected by CVE-2015-8367 https://github.com/LibRaw/LibRaw/commit/490ef94d1796f730180039e80997efe5c58db780 which I'll fix as well in the next ufraw upload. -- Hubert Chathi <[email protected]> -- Jabber: [email protected] PGP/GnuPG key: 4096R/113A1368 https://www.uhoreg.ca/ Fingerprint: F24C F749 6C73 DDB8 DCB8 72DE B2DE 88D3 113A 1368
