OPENSUSE-SU-2019:0008-1

Advisory lineage Upstream: 4 Downstream: 0

Upstream

CVE-2018-5804 CVE-2018-5813 CVE-2018-5815 CVE-2018-5816

Published: 23 Mar 2019, 10:42

Last modified:04 Feb 2026, 04:13

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

23 Mar 2019, 10:42

Published

Vulnerability first disclosed

04 Feb 2026, 04:13

Last Modified

Vulnerability information updated

Description

Security update for libraw This update for libraw fixes the following issues: The following security vulnerabilities were addressed: - CVE-2018-5813: Fixed an error within the 'parse_minolta()' function (dcraw/dcraw.c) that could be exploited to trigger an infinite loop via a specially crafted file. This could be exploited to cause a DoS.(boo#1103200). - CVE-2018-5815: Fixed an integer overflow in the internal/dcraw_common.cpp:parse_qt() function, that could be exploited to cause an infinite loop via a specially crafted Apple QuickTime file. (boo#1103206) - CVE-2018-5804,CVE-2018-5816: Fixed a type confusion error in the identify function (bsc#1097975) This update was imported from the SUSE:SLE-15:Update update project.

Affected Systems

opensuse•libraw&distro=openSUSE Leap 15.0
< 0.18.9-lp150.2.3.1

OPENSUSE-SU-2019:0008-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (8)