An update for LibRaw is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3,openEuler-22.03-LTS and openEuler-22.03-LTS-SP1 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2023-1280 Final 1.0 1.0 2023-05-19 Initial 2023-05-19 2023-05-19 openEuler SA Tool V1.0 2023-05-19 LibRaw security update An update for LibRaw is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3,openEuler-22.03-LTS and openEuler-22.03-LTS-SP1. LibRaw is a library for reading RAW files from digital photo cameras (CRW/CR2, NEF, RAF, etc, virtually all RAW formats are supported).It pays special attention to correct retrieval of data required for subsequent RAW conversion.The library is intended for embedding in RAW converters, data analyzers, and other programs using RAW files as the initial data. Security Fix(es): A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash.(CVE-2023-1729) An update for LibRaw is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3,openEuler-22.03-LTS and openEuler-22.03-LTS-SP1. openEuler Security has rated this update as having a security impact of low. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Low LibRaw https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1280 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-1729 https://nvd.nist.gov/vuln/detail/CVE-2023-1729 openEuler-20.03-LTS-SP1 openEuler-20.03-LTS-SP3 openEuler-22.03-LTS openEuler-22.03-LTS-SP1 LibRaw-debugsource-0.20.2-5.oe1.aarch64.rpm LibRaw-0.20.2-5.oe1.aarch64.rpm LibRaw-debuginfo-0.20.2-5.oe1.aarch64.rpm LibRaw-devel-0.20.2-5.oe1.aarch64.rpm LibRaw-devel-0.20.2-5.oe1.aarch64.rpm LibRaw-debugsource-0.20.2-5.oe1.aarch64.rpm LibRaw-0.20.2-5.oe1.aarch64.rpm LibRaw-debuginfo-0.20.2-5.oe1.aarch64.rpm LibRaw-debuginfo-0.20.2-6.oe2203.aarch64.rpm LibRaw-0.20.2-6.oe2203.aarch64.rpm LibRaw-devel-0.20.2-6.oe2203.aarch64.rpm LibRaw-debugsource-0.20.2-6.oe2203.aarch64.rpm LibRaw-0.20.2-6.oe2203sp1.aarch64.rpm LibRaw-debuginfo-0.20.2-6.oe2203sp1.aarch64.rpm LibRaw-devel-0.20.2-6.oe2203sp1.aarch64.rpm LibRaw-debugsource-0.20.2-6.oe2203sp1.aarch64.rpm LibRaw-0.20.2-5.oe1.src.rpm LibRaw-0.20.2-5.oe1.src.rpm LibRaw-0.20.2-6.oe2203.src.rpm LibRaw-0.20.2-6.oe2203sp1.src.rpm LibRaw-0.20.2-5.oe1.x86_64.rpm LibRaw-devel-0.20.2-5.oe1.x86_64.rpm LibRaw-debugsource-0.20.2-5.oe1.x86_64.rpm LibRaw-debuginfo-0.20.2-5.oe1.x86_64.rpm LibRaw-debugsource-0.20.2-5.oe1.x86_64.rpm LibRaw-devel-0.20.2-5.oe1.x86_64.rpm LibRaw-debuginfo-0.20.2-5.oe1.x86_64.rpm LibRaw-0.20.2-5.oe1.x86_64.rpm LibRaw-0.20.2-6.oe2203.x86_64.rpm LibRaw-devel-0.20.2-6.oe2203.x86_64.rpm LibRaw-debuginfo-0.20.2-6.oe2203.x86_64.rpm LibRaw-debugsource-0.20.2-6.oe2203.x86_64.rpm LibRaw-debuginfo-0.20.2-6.oe2203sp1.x86_64.rpm LibRaw-devel-0.20.2-6.oe2203sp1.x86_64.rpm LibRaw-debugsource-0.20.2-6.oe2203sp1.x86_64.rpm LibRaw-0.20.2-6.oe2203sp1.x86_64.rpm A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash. 2023-05-19 CVE-2023-1729 openEuler-20.03-LTS-SP1 openEuler-20.03-LTS-SP3 openEuler-22.03-LTS openEuler-22.03-LTS-SP1 Low 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L LibRaw security update 2023-05-19 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1280