Security update for libraw
This update for libraw fixes the following issues:
- CVE-2018-5800: Specially crafted RAW files may have caused an application crash via a heap-based buffer overflow (boo#1084690)
- CVE-2018-5801: Specially crafted RAW files may have been used to trigger a NULL pointer de-reference (boo#1084691)
- CVE-2018-5802: Specially crafted RAW files may have caused an application crash via a heap-based buffer overflow (boo#1084688)
- Submitted by Petr Gajdos (pgajdos)
Fixed bugs
bnc#1084688
VUL-1: CVE-2018-5802 libraw: Out-of-bounds read in kodak_radc_load_raw function internal/dcraw_common.cpp
bnc#1084691
VUL-1: CVE-2018-5800 libraw: Heap-based buffer overflow in LibRaw::kodak_ycbcr_load_raw function in internal/dcraw_common.cpp
bnc#1084690
VUL-1: CVE-2018-5801 libraw: NULL pointer dereference in LibRaw::unpack function src/libraw_cxx.cpp