File _patchinfo of Package patchinfo.6889

<patchinfo incident="6889">
  <issue id="1084688" tracker="bnc">VUL-1: CVE-2018-5802 libraw: Out-of-bounds read in kodak_radc_load_raw function internal/dcraw_common.cpp</issue>
  <issue id="1084691" tracker="bnc">VUL-1: CVE-2018-5800 libraw: Heap-based buffer overflow in LibRaw::kodak_ycbcr_load_raw function in internal/dcraw
_common.cpp</issue>
  <issue id="1084690" tracker="bnc">VUL-1: CVE-2018-5801 libraw: NULL pointer dereference in LibRaw::unpack function src/libraw_cxx.cpp</issue>
  <issue id="1103353" tracker="bnc">VUL-0: CVE-2018-5810: libRaw: heap-based buffer overflow in rollei_load_raw</issue>
  <issue id="1103200" tracker="bnc">VUL-1: CVE-2018-5813: libRaw: infinite loop in the parse_minolta function in dcraw/dcraw.c</issue>
  <issue id="2018-5800" tracker="cve" />
  <issue id="2018-5801" tracker="cve" />
  <issue id="2018-5802" tracker="cve" />
  <issue id="2018-5813" tracker="cve" />
  <issue id="2018-5810" tracker="cve" />
  <category>security</category>
  <rating>low</rating>
  <packager>pgajdos</packager>
  <description>This update for libraw fixes the following issues:

Security issues fixed:

- CVE-2018-5800: Fixed heap-based buffer overflow in LibRaw::kodak_ycbcr_load_raw function (bsc#1084691).
- CVE-2018-5801: Fixed NULL pointer dereference in LibRaw::unpack function (bsc#1084690).
- CVE-2018-5802: Fixed out-of-bounds read in kodak_radc_load_raw function (bsc#1084688).
- CVE-2018-5813: Fixed infinite loop in the parse_minolta function (bsc#1103200)
- CVE-2018-5810: Fixed a heap-based buffer overflow in rollei_load_raw (bsc#1103353)

</description>
  <summary>Security update for libraw</summary>
</patchinfo>